Pentest Security Engineer, Devices & Services Pentesting

Come join Amazon's penetration testing team dedicated to detecting and exploiting vulnerabilities across consumer services and devices, including Kuiper satellites. This role involves conducting in-depth security reviews of complex service workflows, authentication mechanisms, AI systems, mobile applications, web applications, and web service APIs.

The position is part of the Amazon Devices and Services Trust & Security (DSTS) organization, established in 2014 to protect customer trust, data, and systems. DSTS secures over 100+ device types, 12,000+ services, and 100+ product lines developed by 16,000+ builders.

As a Pentest Security Engineer, you will:

• Perform penetration testing on Amazon's Devices & Services
• Analyze source code for security vulnerabilities using automated and manual techniques
• Develop proof of concept exploits and validate patches
• Provide technical guidance for vulnerability remediation
• Create detailed documentation of findings and recommendations
• Collaborate with builder teams to improve security
• Continuously develop technical skills and contribute to program improvements

The role offers:

• Flexible work-life balance
• Opportunity to work with cutting-edge technologies
• Supportive team environment focused on knowledge sharing
• Career growth and skill development opportunities
• Impact on securing Amazon's consumer products used by millions

The ideal candidate will have strong technical skills in web security, ability to understand complex architectures, and passion for finding and fixing security vulnerabilities. The position offers competitive compensation ranging from $125,500 to $212,800 per year based on location, plus benefits and equity.