Lead Security Engineer, Audible Security

Description

At Audible, we believe stories have the power to transform lives. It’s why we work with some of the world’s leading creators to produce and share audio storytelling with our millions of global listeners. We are dreamers and inventors who come from a wide range of backgrounds and experiences to empower and inspire each other. Imagine your future with us.

ABOUT THIS ROLE

As a Security Engineering Leader at Audible you will advocate for information security throughout all our software development and business processes. You will work with other Security Engineers, Application Developers, System Engineers, and Business Leaders to protect our customers and Audible’s business.

ABOUT THE TEAM

Audible Information Security team is looking for an experienced Security Engineering Leader to join our world class team. We are obsessed with protecting customer trust. We are a hands-on team working to protect our computer networks, servers, applications and data assets.

As a Security Engineering Leader, you will...

• Drive the security architecture of the industry leading technology underlying the Audible web and mobile applications and services to define and implement secure-by-default and defense-in-depth strategies

• Partner with the developer teams developing our services, and contribute security expertise to the architecture and design of Audible systems

• Apply your knowledge to conduct or guide deep testing of these systems to uncover security issues both manually and using developing automation tools as needed to support your work

• Research new techniques, vulnerabilities, and attack vectors in these components to proactively drive security improvement across each functional area

• Play a pivotal role in Audible InfoSec and Audible development community, setting direction for security of key technologies and serving as a subject matter expert resource for security engineers and business leaders inside and outside of your organization

• Apply your security and business knowledge to drive secure and pragmatic improvements broadly to Audible services, making technical trade-offs between short versus long term security and business goals

ABOUT AUDIBLE

Audible is the leading producer and provider of audio storytelling. We spark listeners’ imaginations, offering immersive, cinematic experiences full of inspiration and insight to enrich our customers daily lives. We are a global company with an entrepreneurial spirit. We are dreamers and inventors who are passionate about the positive impact Audible can make for our customers and our neighbors. This spirit courses throughout Audible, supporting a culture of creativity and inclusion built on our People Principles and our mission to build more equitable communities in the cities we call home.

Basic Qualifications

• BS in Engineering or Computer Science, or other relevant degree

• 5+ years of experience in security engineering, in areas including application security, secure SDLC, penetration testing, system/network/cloud security, incident response, and risk mitigation

• 1+ years of experience in a technical leadership role

• Hands-on technical expertise in building effective security solutions at large scale

• Experience in mentoring an engineering community on complex technical issues or ambiguous technical challenges

Preferred Qualifications

• MS in Engineering or Computer Science, or other relevant degree

• Strong understanding of web application, networking, and cloud technologies

• Excellent writing and verbal communication skills

• Ability to identify security issues and risks, and develop mitigation plans or solutions

• Expert knowledge of web and mobile application vulnerabilities, attacks, and mitigation methods

• Demonstrated experience using communication skills to advocate security for both technical and non-technical audiences

• Experience in driving large scale, cross-organization initiatives

• Sharp analytical abilities and proven innovation skills to unblock adoption of security mechanisms

• Relevant industry certifications (e.g., SANS/GIAC, OSCP/OSWA/OSWE, CompTIA, Microsoft, Linux, AWS)

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.