Security Engineer, Internal Audit
Description For Security Engineer, Internal Audit
Amazon's Internal Audit Security team is seeking a Security Engineer II to join their mission of protecting customer data and maintaining Amazon's security infrastructure. This role combines technical expertise in vulnerability assessment, exploitation, and penetration testing with the opportunity to work on critical systems across Amazon's vast technology landscape.
The position involves partnering with world-class engineering teams to uncover vulnerabilities, design novel abuse scenarios, and assess large-scale security solutions. You'll be conducting comprehensive security assessments of Amazon's products, services, and infrastructure, utilizing skills in source code analysis, network penetration, and application exploitation.
As a Security Engineer, you'll be responsible for designing and implementing methodologies for security assessments of critical Amazon systems. The role offers exposure to the full spectrum of technology used across Amazon and its subsidiaries, allowing you to influence security architectures and communicate risks directly to Senior Executives.
The Internal Audit Security team executes independent assessments of Amazon's layered security controls, prioritizing systems and processes that impact foundational technologies, human safety, privacy, customer data durability, and financial systems. The team emphasizes active testing and custom tooling to enable safe operation at scale.
This position offers competitive compensation ranging from $136,000 to $212,800 per year, depending on location, plus additional benefits including medical insurance and 401k. Amazon values diversity and inclusion, fostering an environment that promotes knowledge sharing, mentorship, and career growth.
The ideal candidate will combine technical depth with the ability to work both independently and as part of highly-skilled teams. This role represents an opportunity to make a significant impact on the security posture of one of the world's largest technology companies while working with cutting-edge security tools and methodologies.
Responsibilities For Security Engineer, Internal Audit
- Conduct full-cycle security engagements spanning vulnerability discovery, exploitation, risk analysis, and remediation planning
- Perform security assessments including design reviews, threat modeling, and penetration testing
- Execute comprehensive security testing following Internal Audit standards
- Develop novel abuse scenarios and campaigns to enhance Amazon's security
- Build large-scale security solutions for testing, monitoring, remediation, analytics, and automation
- Collaborate with development teams to create new security tooling
- Prepare and deliver security risk recommendations to technical teams and leadership
Requirements For Security Engineer, Internal Audit
- 4+ years experience in offensive and/or defensive security roles
- Bachelor's degree in Computer Science, related fields, or equivalent experience
- Proficiency in multiple programming and scripting languages like Python, Ruby, Bash, C, and Java
- Hands-on experience with security testing tools and techniques
- Excellent written/verbal communication skills
Benefits For Security Engineer, Internal Audit
- Medical Insurance
- 401k
Jobs Related To Amazon Security Engineer, Internal Audit
