Security Engineer, Payments Security

Amazon

Seattle, WA

Apply

JOB DETAILS

SKILLS

Academic Research, Access Control, Amazon Web Services (AWS), Analysis Skills, Application Framework, Applications Security, Artificial Intelligence (AI), Authentication, Best Practices, C Programming Language, Cloud Computing, Code Reviews, Communication Skills, Computer Security, Cryptography, Customer Experience, Customer/Client Research, Data Analysis, Develop and Maintain Customers, Documentation, Ecosystems, Establish Priorities, Financial Transactions, Healthcare, Incident Response, Information/Data Security (InfoSec), Internet Application, Java, Leadership, Mathematics, Metrics, Mobile Applications, Model Review, On Call, Penetration Testing, Presentation/Verbal Skills, Product Development, Product Engineering, Publications, Python Programming/Scripting Language, Retail, Risk Analysis, Risk Management, Scalable System Development, Scripting (Scripting Languages), Security Analysis, Security Attacks, Single Sign-On (SSO), Software Development, Software Development Lifecycle (SDLC), Startup, Testing, Threat Modeling, Time Management, Transaction Processing/Management, Trend Analysis, Vehicle Driving, Writing Skills

LOCATION

Seattle, WA

POSTED

30+ days ago

Description As a Product Security Engineer at Amazon Payments Security, you'll be at the forefront of protecting systems that handle financial transactions and customer data for millions of Amazon customers. Your mission? Fortify our payment systems and payment methods with impenetrable security measures. Amazon Payments processes millions of transactions every day across numerous countries and payment methods. Over 100 million customers and merchants send tens of billions of dollars flow through our systems annually. At Amazon Payments Security, we play a crucial role in promoting best security practices within the internal Payments ecosystem, as well as spearheading the development of secure payment products that prioritize data protection from their inception. A Security Engineer in Amazon will be strong in multiple security domains and sought out for advice on technical issues. Efficient time management skills are required along with the ability to deliver results in the face of uncertainty. Engineers in this role must show exemplary judgment in making technical trade-offs between short versus long term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. The successful candidate must be one that can handle several difficult challenges and problems, can make risk-based assessments founded on data and facts. Additionally, the successful candidate will be: - Methodically empirical and experimental in approach and evaluation without being bound by over paralysis-by-analysis; - Work ceaselessly to improve knowledge of the security field, threat landscape, security intelligence, moving proactively toward prevention and detection of threats; - Be an enthusiastic learner and curiosity seeker, focusing on what can be done rather than hindered by notions of what cannot be; - Possess effective verbal and written communication skills, be passionate about sharing knowledge, tactics, strategy, as well as advocating for the project mission; - Have excellent time management skills along with the ability to deliver results in the face of uncertainty; and - Evangelize security within Amazon.com and be an advocate for customer trust. A successful candidate will be a deeply curious individual who brings technical expertise, and ability to work within a fast-paced startup culture in a large company that has broad business impact. This is a unique opportunity to start with Amazon Payments and innovating and scaling security to protect customer trust. Key job responsibilities As a security engineer, you will/may: * Develop a broad and deep technical understanding of products, services and architectures pertaining to the Amazon Payments organization. * Leverage this understanding to conduct architecture reviews, threat modelling and code reviews on web applications, mobile applications and other relevant services. * Interpret security tools and penetration testing results to stakeholders, providing advice on prioritisation, vulnerability remediation and risk mitigation. * Create relevant documentation and metrics to your stakeholders and business leaders and deliver these in a clear, concise manner. * Research and maintain proficiency in attacker Tools, Techniques, Procedures and other security topics. * Propose and develop materials to help raise the security bar across the Payment Engineering organization. * Build and integrate innovative and scalable tools, solutions, and processes to enhance the Payments Security's operations and to provide a customer-centric experience. * Analyze logging and alerting infrastructure to ensure appropriate coverage and response capability. * Evaluate impact of current security trends, advisories, publications, and academic research. Coordinate responses as necessary across affected teams. * Participate in security escalations support including on-call rotation. A day in the life As a Security Engineer, you will collaborate with application development teams to ensure we keep our customers safe while developing novel services. In a given day, you might be inspecting an application's code for security issues, building a new framework to help our software developers build faster and more securely, or fine-tuning the design for a new service. The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, this person will be a security specialist with one or more areas of deep expertise within application security. They will clearly articulate risks to technical and non-technical audiences alike. Successful candidates will effectively harmonize disparate opinions while effectively prioritizing risks to guide their partners towards secure solutions. About the team Payments Security team operates on the mission to eliminate all trustbusters related to Amazon's payment experience, protect and be good custodians of the sensitive data customers trust us with. A security engineer in Payments Security team will work closely with application developers, evangelize security and build scalable detection and prevention mechanisms that help secure applications. Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve. Inclusive Team Culture In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices. Training and Career growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. Basic Qualifications - Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security - 2+ years of any combination of the following: application security frameworks, identity and access controls, incident response, mobile security, cloud computing and security, AI security, threat intelligence, and penetration testing experience - Experience with threat modeling and penetration testing - Knowledge of security technology and concepts (Authentication, Authorization, Single sign-on, Cryptography, etc.) - Experience in written and verbal communication skills to communicate with technical and non-technical audiences, including senior leadership - Experience in scripting, programming, or security code reviewing in a common language, such as Python, Java, or C+Preferred Qualifications - Experience with AWS services or other cloud offerings - Experience implementing security solutions at the cross-team level - 1+ year of experience in Secure SDLC - Ability to drive multiple technically complex security reviews together while remaining effective at providing security guidance to stakeholders. Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner. The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits . USA, WA, Seattle - 136,000.00 - 184,000.00 USD annually

About the Company

Amazon

At Amazon, we don’t wait for the next big idea to present itself. We envision the shape of impossible things and then we boldly make them reality. So far, this mindset has helped us achieve some incredible things. Let’s build new systems, challenge the status quo, and design the world we want to live in. We believe the work you do here will be the best work of your life.

Wherever you are in your career exploration, Amazon likely has an opportunity for you. Our research scientists and engineers shape the future of natural language understanding with Alexa. Fulfillment center associates around the globe send customer orders from our warehouses to doorsteps. Product managers set feature requirements, strategy, and marketing messages for brand new customer experiences. And as we grow, we’ll add jobs that haven’t been invented yet.

It’s Always Day 1
At Amazon, it’s always “Day 1.” Now, what does this mean and why does it matter? It means that our approach remains the same as it was on Amazon’s very first day – to make smart, fast decisions, stay nimble, invent, and stay focused on delighting our customers. In our 2016 shareholder letter, Amazon CEO Jeff Bezos shared his thoughts on how to keep up a Day 1 company mindset. “Staying in Day 1 requires you to experiment patiently, accept failures, plant seeds, protect saplings, and double down when you see customer delight,” he wrote. “A customer-obsessed culture best creates the conditions where all of that can happen.” You can read the full letter here

Our Leadership Principles
Our Leadership Principles help us keep a Day 1 mentality. They aren’t just a pretty inspirational wall hanging. Amazonians use them, every day, whether they’re discussing ideas for new projects, deciding on the best solution for a customer’s problem, or interviewing candidates. To read through our Leadership Principles from Customer Obsession to Bias for Action, visit https://www.amazon.jobs/principles

COMPANY SIZE

10,000 employees or more

INDUSTRY

Other/Not Classified

FOUNDED

1994

WEBSITE

http://Amazon.com/militaryroles