Security Engineer II, Identity and Security Abuse Prevention, WW Ops Security

Security Engineer II, Identity and Security Abuse Prevention, WW Ops Security

Are you interested in helping ensure exceptional services and security for customers? Do you have a passion for architecture, security, software design, and innovative technologies? The Identity and Security Abuse Prevention team within WWOps Security is looking for an ideal candidate who is interested in diving deep into a variety of complex, interrelated identity architectures to ensure secure practices and policies are upheld. You will support the planning, scoping, execution, and reporting based on identified risks. Assessment scope may include identity and access management, key management, data security/privacy, service monitoring, release management, and service availability.
You will bring independent and objective points of view to provide support to our services to identify opportunities for control improvements to mitigate risks, ensure compliance and improve operational performance. In this capacity, you will gain valuable exposure to many areas of our global business.
This position will challenge your current understanding of Amazon services. You will have the ability to learn new technology concepts quickly. You are someone who is curious and known for diving deep into subject matter, taking ownership, and encouraging innovative and pragmatic solutions to complex problems. In addition, you will have solid business judgment, the ability to gain trust and respect of business leaders, and the capability to guide a fast-paced organization to the right results.
This position will be based out of Seattle, Washington or Jersey City, New Jersey and may require up to 25% travel, including international travel.

Key job responsibilities

1. Acting as subject matter expert on risk-based security reviews and assessments at scale
2. Collecting/reviewing data from multiple sources to assess service security posture.
3. Building, evolving, and improving sustainable processes and measurement systems to ensure that security policy requirements are maintained.
4. Deliver products and services to enable effective Identity and Access Management throughout Operations
5. Enforce compliance with IAM principles including: least privilege access, password management, audit logging, RBAC, certificate issuance and revocation, and AAA solutions.
6. Understand the Amazon identity management ecosystem holistically and identify existing services and capabilities that may solve existing problems
7. Develop, deploy and maintain password management, user account lifecycle, certificate management and system authentication solutions within operations
8. Engage with and influence the many stakeholders across WWOps to ensure compliance, security and operational functional requirements are met or exceeded
9. Create and implement automated processes that reduce manual efforts and increase overall efficiency and scalability
10. Develop monitoring and reporting on the health, effectiveness and efficiency of IAM services
11. Improve the efficiency and scalability of operational systems and processes to accommodate the rapid growth of users

BASIC QUALIFICATIONS

- Bachelor’s degree in Information Security, Computer Science, Engineering, Math, Statistics or related discipline, or additional equivalent technology experience
- 5+ years of experience in identifying security issues and risks, and developing mitigation plans
- 3+ years of experience in one or more of the following areas: identity and access management, cryptography, web and network protocols, data structures and algorithms, software development, threat modelling, pen tests, or vulnerability assessments
- Experience communicating with technical and non-technical stakeholders at all levels across multiple business units
- Experience establishing and maintaining strong working relationships with a wide variety of stakeholders (e.g. Legal, Business Development, Internal Audit, Fraud Prevention, Physical Security, Software Developer Community, Network Engineering, etc.)

PREFERRED QUALIFICATIONS

- 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- CISSP, CISA, or related GIAC Information Security certification
- Consistent demonstration of utilizing automation to solve recurring problems at scale
- Experience driving multiple technically complex security initiatives while remaining effective at providing security guidance to stakeholders
- Excellent leadership, teamwork and collaboration skills and excellent written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit here .

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit here .

Posted: September 9, 2024 (Updated 10 days ago)

Amazon is an Equal Opportunity Employer – Minority / Women / Disability / Veteran / Gender Identity / Sexual Orientation / Age.