Sr. Penetration Testing Security Engineer, AWS

Do you enjoy breaking software and services? Do you strive to understand systems, software, and services deeply in order to break them? Do you find yourself automating away your work every single day? If so, we’re looking to hire you!

The Amazon Web Services (AWS) Security pentest team is looking to hire a Penetration Testing Security Engineer to join its ranks. Our team is responsible for performing manual penetration tests for all products, services, and software released by AWS. Our team is also responsible for scaling penetration testing at AWS. We write a variety of automated tooling (e.g. fuzzers, scanners, analyzers, etc.) to reduce the need to perform manual penetration testing.

If you’re passionate about finding security bugs, writing tools to reduce manual testing, and enjoy seeing your work’s impact across the internet, then this position is for you.


Responsibilities:
* Execute manual penetration testing engagements against a variety of web services and software.
* Write automation to help scale security testing at AWS
* Provide actionable long-term risk mitigation guidance
* Conduct vulnerability research pertaining to AWS relevant technologies


Amazon.com is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.

Basic Qualifications

* A Bachelor’s degree in Computer Science, Cybersecurity, or other related fields, from an accredited university. Equivalent professional experience can be used in lieu of a degree.
* Minimum of 4 years of experience in professional penetration testing, bug hunting, or CTF experience.
* Minimum of 4 year of experience in scripting in Python or other equivalent interpreted programming languages
* Minimum on 4 year of professional experience with security engineering practices such as in web application security, network security, authN/authZ protocols, cryptography, automation, and other software security.

Preferred Qualifications

* Experience with AWS technologies and services (e.g. S3, Lambda, EC2, KMS, IAM, etc.)
* Experience with penetration testing, red teams, CTF (Capture The Flag), or bug bounties
* Experience with penetration testing tools
* Experience with multiple programming languages
* Meets/exceeds Amazon’s leadership principles requirements for this role
* Meets/exceeds Amazon’s functional/technical depth and complexity for this role

Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.