Security Engineer, Vulnerability Management and Remediation Operations

Job ID: 2961789 | Amazon Data Services UK Limited

Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!
Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.

1. Analyse public and private vulnerability disclosures and exploit code.
2. Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.
3. Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.
4. Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner.
5. Engineer high quality, scalable, and accurate vulnerability detection mechanisms.
6. Design and implement automation, tools and workflows to enhance our operations capabilities.
7. Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.
8. Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language and SQL.

1. Bachelor's degree in computer science or equivalent.
2. Knowledge of networking protocols such as HTTP, DNS and TCP/IP.
3. Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language.
4. 5 years security engineering experience in system, network, and/or application security.
5. 5 years experience developing vulnerability assessment tests with Python or Java.
6. 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem.
7. 3 years experience troubleshooting networking, operating systems, applications, or cloud services.
8. 3 years experience building cloud-based services.

1. Experience with AWS products and services.
2. Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security.

Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.