We use cookies. Find out about cookies here. By continuing to browse this site you are agreeing to our use of cookies.

Security Engineer - Operations, Bangalore

CategorySystems, Quality, & Security Engineering
Job typeFull Time
The Team: How often have you had an opportunity to be a founding member of a team that is tasked with solving a huge business problem through technology innovations? Would you like to know more about how cutting edge in computer science like computer vision and machine learning can be used to solve these problems? If this sounds intriguing, then we'd like to talk to you about a role on a new Amazon initiative. We are highly entrepreneurial, wear many hats, and work in a highly collaborative environment that's more startup than a big company.

The Role: As a Senior Operations Engineer you will help ensure our applications and services are designed and implemented to the highest standards. If you enjoy analyzing the security of applications and services, discovering and addressing security issues and quickly reacting to new threat scenarios, this position will provide you with a challenging opportunity. You will participate in security audits, risk analysis, vulnerability testing and security reviews across all elements of this project's software systems.

This role will draw on multiple disciplines:
• Security Engineering: emphasis on operating systems and networking, foundational Internet services, modern exploitation techniques, and hacking tools.
• Data Science and Intelligence Analysis: emphasis on detecting anomalies in large unstructured data sets, ability to synthesize data and reports from different sources, make logical inferences about that data, and publish results.
• Software Development: ability to develop your own small tools and scripts to aid in data processing or other aspects of an investigation.
You will tackle challenging, novel situations every day and given the size of this initiative, you'll have the opportunity to work with multiple technical teams at Amazon in different locations. You should be comfortable with a high degree of ambiguity and relish the idea of solving problems that haven't been solved at scale before. Along the way, we guarantee that you'll learn a ton, have fun and make a positive impact on millions of people.

Basic Qualifications:
• Liaison the Vulnerability Assessment, Penetration Testing, Application Security program.
• Strong towards Data Leak, System Hack, Application security, Cloud security, Authentication, Authorization, Pen Testing, OWASP vulnerabilities assessment & fix.
• Subject matter expert: SME for all AppSec Security matters in the organization. •
• Experience in security architecture, making sure applications, infrastructure, network infrastructure and cloud environment are designed and implemented with best security practices. •
• Evaluate application security processes as it relates to application, risk management, threat modelling, security testing, compliance, penetration testing, and security tooling. •
• Liaison with security engineering, AppSec, SIRT and VAPT teams to address the internal & external requests related to AppSec. •
• Manage internal and external assessment requirements, regulatory compliance and address requests related to the application penetration Test, Perform vulnerability risk profiling and prioritization of vulnerabilities, maintains security issues logged, tracked and followed up.

Preferred Qualifications:
• Bachelors or master's degree in the field of Information Security, Computer Science or highly related program
• 5+ years of experience in vulnerability management, penetration testing and application security controls implementation.
• Security certifications (CISSP / GCIH / PAN-200/ OSWE/OSCP)
• Deep understanding & expertise with highly transactional, large relational and complex systems.
• Knowledge of technical security issues facing large multinational companies.
• Knowledge of OWASP top 10 vulnerabilities. Exposure to application security methodologies to identify Security Vulnerability.
• Exposure to vulnerabilities related to API security, Container, Micro Services.
• Exposure to the Application Security Vulnerabilities (OWASP Top 10), security testing methodologies and related tools such as Fortify, WebInspect, BurpSuite

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.