Amazon
Application Security Engineer, Amazon Ads Security
Amazon, New York, New York, us, 10261
Description
We are able to hire in the following locations:
Boston, Arlington, and NYC
The Amazon Ads Security Team is actively seeking an accomplished and skilled Application Security Engineer. Join our team and play a pivotal role in securing the advertising ecosystem, and ensuring the integrity and privacy of our advertising platforms. As an Application Security Engineer, you will tackle intricate security challenges specific to the advertising industry, working on a large scale and addressing complex vulnerabilities. Your primary responsibility will be to define and implement both short-term and long-term security strategies, collaborating closely with cross-functional teams to ensure the development and deployment of secure applications. Your exceptional prioritization skills and effective communication, spanning both technical and non-technical domains, will be crucial in providing actionable security guidance and driving continuous security improvements. The successful candidate will thrive in an autonomous and fast-paced environment, delivering results even in highly ambiguous situations.
Your commitment to keeping Amazon customers secure shines through as you passionately identify and mitigate vulnerabilities and risks. You are renowned for your outstanding prioritization skills and your ability to communicate effectively at all levels of the organization, whether technical or non-technical. Operating autonomously in highly ambiguous situations comes naturally to you, and you consistently deliver results in fast-paced environments.
If you are passionate about securing the advertising ecosystem, mitigating risks, and providing actionable guidance to drive long-term security improvements, we encourage you to apply. Join our team and be part of our mission to protect Amazon customers while working in a dynamic and challenging environment.
Key job responsibilities
• Perform security reviews including secure design and architecture review, threat modeling, threat assessments, secure code reviews, security testing, and security certifications
• Identify security gaps in applications, services, and products including internally developed, as well as third party solutions
• Determine findings criticality taking into account the relevant business, technical, and threat environment
• Produce reports that describes the work perform for a variety of audiences including technical and non-technical stakeholders
• Communicate findings to relevant stakeholders through a combination of verbal and written reports. Identify owners, and drive mitigation of findings within established SLAs
• Record findings and supporting evidence, work product, and testing results following established policies and procedures
• Design, develop, deploy, and maintain security automation, secure-by-default solutions, and other solutions that will enable developer and security engineering productivity using scripting or programming languages
• Develop a broad and deep technical understanding of the services, architectures, and products pertaining to the Customer Service organization
• Contribute to the long-term and short-term security strategy to ensure that applications are designed and built securely
• Comfortably transition between big picture, strategic thinking and tactical, day-to-day operational execution
• Review technical solutions to provide guidance to help mitigate security vulnerabilities as well as provide actionable long-term and short-term risk mitigation recommendations
• Improve secure software development life-cycle (SSDLC) practices across multiple organizations in Amazon
• Influence decision-makers and stakeholders to achieve a consistently high security bar
• Create relevant documentation, security guidance, and metrics to report to your stakeholders and business leaders and deliver these in a clear, concise manner
• Lead security initiatives with end-to-end ownership
• Participate in security escalations support including on-call rotation
• Evaluate and recommend new and emerging security products and technologies
• Support for mentoring, team building, recruiting activities, onboarding of new team members
• Own and carry out new, reoccurring, or ad-hoc security engineering projects and consultations
• Deliver practical security solutions providing the most customer-centric experience on the planet
• Must be a kind human who enjoys working in a fun team
Basic Qualifications
3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
Bachelor's degree in computer science or equivalent
Knowledge of networking protocols such as HTTP, DNS and TCP/IP
Preferred Qualifications
2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
Experience with AWS products and services
Experience with programming languages such as Python, Java, C+Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.
We are able to hire in the following locations:
Boston, Arlington, and NYC
The Amazon Ads Security Team is actively seeking an accomplished and skilled Application Security Engineer. Join our team and play a pivotal role in securing the advertising ecosystem, and ensuring the integrity and privacy of our advertising platforms. As an Application Security Engineer, you will tackle intricate security challenges specific to the advertising industry, working on a large scale and addressing complex vulnerabilities. Your primary responsibility will be to define and implement both short-term and long-term security strategies, collaborating closely with cross-functional teams to ensure the development and deployment of secure applications. Your exceptional prioritization skills and effective communication, spanning both technical and non-technical domains, will be crucial in providing actionable security guidance and driving continuous security improvements. The successful candidate will thrive in an autonomous and fast-paced environment, delivering results even in highly ambiguous situations.
Your commitment to keeping Amazon customers secure shines through as you passionately identify and mitigate vulnerabilities and risks. You are renowned for your outstanding prioritization skills and your ability to communicate effectively at all levels of the organization, whether technical or non-technical. Operating autonomously in highly ambiguous situations comes naturally to you, and you consistently deliver results in fast-paced environments.
If you are passionate about securing the advertising ecosystem, mitigating risks, and providing actionable guidance to drive long-term security improvements, we encourage you to apply. Join our team and be part of our mission to protect Amazon customers while working in a dynamic and challenging environment.
Key job responsibilities
• Perform security reviews including secure design and architecture review, threat modeling, threat assessments, secure code reviews, security testing, and security certifications
• Identify security gaps in applications, services, and products including internally developed, as well as third party solutions
• Determine findings criticality taking into account the relevant business, technical, and threat environment
• Produce reports that describes the work perform for a variety of audiences including technical and non-technical stakeholders
• Communicate findings to relevant stakeholders through a combination of verbal and written reports. Identify owners, and drive mitigation of findings within established SLAs
• Record findings and supporting evidence, work product, and testing results following established policies and procedures
• Design, develop, deploy, and maintain security automation, secure-by-default solutions, and other solutions that will enable developer and security engineering productivity using scripting or programming languages
• Develop a broad and deep technical understanding of the services, architectures, and products pertaining to the Customer Service organization
• Contribute to the long-term and short-term security strategy to ensure that applications are designed and built securely
• Comfortably transition between big picture, strategic thinking and tactical, day-to-day operational execution
• Review technical solutions to provide guidance to help mitigate security vulnerabilities as well as provide actionable long-term and short-term risk mitigation recommendations
• Improve secure software development life-cycle (SSDLC) practices across multiple organizations in Amazon
• Influence decision-makers and stakeholders to achieve a consistently high security bar
• Create relevant documentation, security guidance, and metrics to report to your stakeholders and business leaders and deliver these in a clear, concise manner
• Lead security initiatives with end-to-end ownership
• Participate in security escalations support including on-call rotation
• Evaluate and recommend new and emerging security products and technologies
• Support for mentoring, team building, recruiting activities, onboarding of new team members
• Own and carry out new, reoccurring, or ad-hoc security engineering projects and consultations
• Deliver practical security solutions providing the most customer-centric experience on the planet
• Must be a kind human who enjoys working in a fun team
Basic Qualifications
3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
Bachelor's degree in computer science or equivalent
Knowledge of networking protocols such as HTTP, DNS and TCP/IP
Preferred Qualifications
2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
Experience with AWS products and services
Experience with programming languages such as Python, Java, C+Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.