DESCRIPTIONAmazon is seeking qualified Application Security (AppSec) Engineers to join our innovative, high energy Amazon Payments India Security team and work within the Consumer Stores Security organization. Amazon Payments processes millions of transactions every day across numerous countries and payment methods. Paramount to our success is ensuring that our customer data is secure.As an application security engineer within India Payments Security, you will partner with engineering teams in a consulting facility throughout the Software Development Life Cycle (SDLC), to ensure that applications are designed and built securely. You will identify potential vulnerabilities in the applications and enable developers to understand and remediate such identified vulnerabilities.Key job responsibilities
- Perform security reviews including secure design and architecture, threat modeling, threat assessments, secure code reviews, security testing, and security certifications.
- Identify security gaps in applications, services, and products including internally developed, as well as third party solutions.
- Determine findings criticality taking into account the relevant business, technical, and threat environment.
- Produce reports that describes the work perform for a variety of audiences including technical and non-technical stakeholders.
- Design, develop, deploy, and maintain security automation, secure-by-default solutions, and other solutions that will enable developer and security engineering productivity using scripting or programming languages.
- Develop a broad and deep technical understanding of the services, architectures, and products pertaining to Amazon\'s payment ecosystem.
- Contribute to the long-term and short-term security strategy to ensure that applications are designed and built securely.
- Influence decision-makers and stakeholders to achieve a consistently high security bar.
- Create relevant documentation, security guidance, and metrics to report to your stakeholders and business leaders and deliver these in a clear, concise manner.
- Deliver practical security solutions providing a customer-centric experience.
- Build security utilities and tools that enable security operations at high speed and wide scale. Develop detections and alerts to identify potential incidents.
- Analyze logging and alerting infrastructure to ensure appropriate coverage and response capability.
- Evaluate impact of current security trends, advisories, publications, and academic research. Coordinate responses as necessary across affected teams.
- Communicate effectively at multiple levels of sensitivity to multiple audiences.
- Recognize, adopt and instill best security engineering practices throughout the organization.
- Participate in security escalations support including on-call rotation.About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn\'t followed a traditional path, or includes alternative experiences, don\'t let it stop you from applying.Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon\'s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there\'s nothing we can\'t achieve.Inclusive Team Culture
In Amazon Security, it\'s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Mentorship and Career growth
We\'re continuously raising our performance bar as we strive to become Earth\'s Best Employer. That\'s why you\'ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.BASIC QUALIFICATIONS- BS in Computer Science, Information Security, or equivalent professional experience.
- 8+ years of experience in application security, product security, or systems security and 5+ years writing production-level code in at least one scripting or compiled language such as Java, Python, JavaScript, Go, Ruby, C# or C/C++
- Proven experience in threat modeling, code reviews, security testing, vulnerability detection, attacker exploit techniques, and methods for their remediation and 5+ years of experience securing cloud services such as AWS, Azure, and Google Cloud.
- A strong understanding of technologies processing payments processing and financial services.PREFERRED QUALIFICATIONS- Master\'s degree in Computer Science, Information Security, Computer Engineering or equivalent and relevant industry certifications from SANS, GIAC, CISSP, OSCP, etc.
- In-depth technical understanding of OWASP Top 10, and SANS 25 vulnerability identification and remediation and experience with securing financial and payment processing systems, evaluating from Layer 3 to Layer 7 and with end-to-end security ownership.
- Experience driving multiple technically complex security initiatives while remaining effective at providing security guidance to stakeholders.
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.