The primary goal of the Review Mechanism (RM) team is to improve the security review process by increasing efficiency and quality to help reduce risk. We work closely with teams across Amazon to identify challenges and areas for improvement, using data and feedback to implement meaningful changes. We focus on refining the security review process and work with partner teams to improve wikis, knowledge bases, SKB, training. Additionally, we collaborate with teams like Shepherd, Veritas, and ASR to prioritize new feature development, while also creating our own tools to enable rapid experimentation and continuous improvement.
Key job responsibilities
- Optimize Security Review Process: Streamline and improve workflows to increase efficiency and reduce risk.
- Cross-Team Collaboration: Work with teams like Shepherd, Veritas, and ASR to drive feature development and align on security improvements.
- Identify Process Gaps: Analyze and address inefficiencies or low-quality areas in the security review process.
- Enhance Documentation and Training: Maintain and improve resources (wikis, SKB, training) for consistent security guidance.
- Data-Driven Improvements: Use data to make informed changes and track progress in the security review process.
- Develop Tools and Automations: Build and deploy internal tools to enable rapid experimentation and continuous improvement.
- Establish Feedback Loops: Collect and act on feedback to keep processes aligned with team needs.
- Experiment and Iterate: Test and refine tools, methods, and processes to stay adaptive to new threats and requirements.
- Champion Security Standards: Promote consistent security practices and high standards across teams.
About the team
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
- 5+ year's experience as a Security Engineer (such as application security, penetration testing, red teaming, incident response, etc.)
- BS degree in Computer Science, Computer Engineering, Electrical Engineering, similar technology degrees or 8+ years' equivalent technology experience
- Experience with various threat modeling methodologies, coding skills and strong communication skills.
- Experience briefing senior leaders.
- Secure software development lifecycle experience.
- Knowledge of distributed systems and security protocols.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit
Senior Security Engineer, AppSec Review Mechanisms
Posted: | 19 Dec 2024 |
---|---|
Company: | Amazon |
Category: | Systems Security Engineering |
Country: | US - United States |
State: | None - None |
City: | Dallas |
Zip code: | None |