Sr. Security Engineer Amazon
Seattle, WA

Job Description

Amazon's Internal Offensive Security Research Team is looking for a skilled security researcher to join our team's efforts to help keep Amazon secure by uncovering and exploiting any vulnerabilities present across the scope of Amazon products and services.

At Amazon we're working to be the most customer-centric company on Earth. This team strives to protect our customers and their data through analyzing the systems that work for them. Are you ready to partner with Amazon's cutting-edge business and engineering groups to uncover vulnerabilities in hardware and software across Amazon? Are you looking for a position that will leverage and grow your vulnerability assessment/exploitation skills, expand your knowledge of technology at scale, and provide opportunities to problem solve with some of the best minds in the industry? Then this is the position for you.

This role has a broad scope which includes source code analysis, network penetration, protocol fuzzing, and application exploitation. Additionally, the researcher is expected to design, develop, and execute novel abuse campaigns engineered to push the limits of Amazon's detection processes and capabilities. In this position you will explore a variety of different products and services created by Amazon. You must be able to understand complex business processes and technology to identify the full range of risks that could be exploited.

Candidates must demonstrate resilience and navigate difficult situations with composure and tact.

This role requires implementation of one's security knowledge, coupled with the ability to learn and operate as part of a team of highly skilled individuals.

Responsibilities/Skills

* Partner with tech teams to learn intricate distributed systems and end-to-end processes to identify potential vulnerabilities
* Perform vulnerability assessments of complex client systems, hardware, services, APIs, and networks to discover vulnerabilities
* Design, develop, and execute covert red team campaigns
* Develop fully functional exploit chains to assess newly discovered vulnerabilities
* Research and develop novel AV evasion techniques and implement stealthy C2 protocols to constantly push the limits of Amazon's detection processes and capabilities
* Conduct full cycle engagements with business units as part of a team
* Use effective interpersonal skills to work across teams and within different areas and groups
* Summarize technical vulnerabilities and make concise, actionable recommendations for senior leadership using excellent written and verbal communication skills