Application Security Engineer, Buy With Prime
Singapore, SGP
Amazon.com
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...
We are looking for a Application Security Engineer to design security controls and help validate that our services, applications, and emerging technologies are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and decisively taking action to mitigate emerging threats throughout a full software development life-cycle (SDLC).
This role will provide career growth opportunities as you gain new security skills in the course of your work. Security engineers at Amazon have an opportunity to experiment, learn, build tools, and work with teams building new technology and services at massive scale.
A successful candidate will need a combination of troubleshooting, technical, and communication skills. An Application Security Engineer must have the ability to take ownership and deliver on multiple complex objectives which may include project and software development work.
Key job responsibilities
- Lead security projects with end-to-end ownership, including security reviews (including threat modelling, secure design and implementation of security controls), tool development, and creation of new security practices
- Influence decision-makers and stakeholders throughout the organization in multiple teams to achieve a consistently high security bar
- Develop security tools and automation
- Develop and deliver security training or knowledge sharing to internal development teams
- Create security guidance and documentation
- Support the development and improvement of metrics that drive desired behavior and security outcomes
- Support penetration testing engagements and work with software teams to remediate findings
- Support for mentoring, team building and recruiting activities
About the team
Our team is geographically dispersed, with members across Australia and North America. We thrive on both autonomy and collaboration. We’re flexible in how we approach work and always seek to improve things, no matter how small they may first appear to be. We hold a high bar in everything we do. We embrace challenges and always do right by our customers, even if it’s the difficult thing to do. We’re dedicated to supporting new members, with a broad mix of experience levels and tenures, and we’re fostering an environment that celebrates knowledge sharing and mentorship. Our team primarily focuses on supporting the Buy with Prime product.
Buy with Prime is helping people re-imagine the way they shop... wherever they do! Our vision is to enable every entrepreneur in the world to reach every customer in the world through every channel they can imagine. Buy with Prime is a new way to extend Prime shopping benefits—including fast, free shipping, a seamless checkout experience, and free returns—to merchants’ own online stores, ultimately increasing selection for Prime members. For over 20 years, Amazon been empowering small and medium-sized businesses with opportunities to grow. Buy with Prime is an exciting next step in our mission to help merchants of all sizes grow their business—whether on Amazon or beyond.
We are open to hiring candidates to work out of one of the following locations:
Singapore, SGP
- Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience
- Minimum of 5 years of professional experience either in, or working closely with application security.
- Minimum 4 years of experience with any combination of at least 2 technical disciplines, including the following: code review, cloud security, network security, application security, mobile security, secure development methodologies, software development and coding, identity management, application penetration testing, authentication and authorization, network architecture, system administration, and systems engineering
- Experience with building or reviewing threat models
- Experience defining security controls with product/service teams
- Experience with one or more programming languages (such as Java, Python, etc) for the purpose of code review
- Ability to lead through influence within the software development life-cycle for multiple products and technologies, meeting customer expectations for security
- Experience implementing security solutions that resolve security and business risk trade-offs
- An understanding of networking and communication protocols (such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP, HTTPS, BGP)
- An understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures)
- Familiarity with reverse engineering or vulnerability research
- Professional experience with applied cryptography
- Familiarity with infrastructure or hardware security
This role will provide career growth opportunities as you gain new security skills in the course of your work. Security engineers at Amazon have an opportunity to experiment, learn, build tools, and work with teams building new technology and services at massive scale.
A successful candidate will need a combination of troubleshooting, technical, and communication skills. An Application Security Engineer must have the ability to take ownership and deliver on multiple complex objectives which may include project and software development work.
Key job responsibilities
- Lead security projects with end-to-end ownership, including security reviews (including threat modelling, secure design and implementation of security controls), tool development, and creation of new security practices
- Influence decision-makers and stakeholders throughout the organization in multiple teams to achieve a consistently high security bar
- Develop security tools and automation
- Develop and deliver security training or knowledge sharing to internal development teams
- Create security guidance and documentation
- Support the development and improvement of metrics that drive desired behavior and security outcomes
- Support penetration testing engagements and work with software teams to remediate findings
- Support for mentoring, team building and recruiting activities
About the team
Our team is geographically dispersed, with members across Australia and North America. We thrive on both autonomy and collaboration. We’re flexible in how we approach work and always seek to improve things, no matter how small they may first appear to be. We hold a high bar in everything we do. We embrace challenges and always do right by our customers, even if it’s the difficult thing to do. We’re dedicated to supporting new members, with a broad mix of experience levels and tenures, and we’re fostering an environment that celebrates knowledge sharing and mentorship. Our team primarily focuses on supporting the Buy with Prime product.
Buy with Prime is helping people re-imagine the way they shop... wherever they do! Our vision is to enable every entrepreneur in the world to reach every customer in the world through every channel they can imagine. Buy with Prime is a new way to extend Prime shopping benefits—including fast, free shipping, a seamless checkout experience, and free returns—to merchants’ own online stores, ultimately increasing selection for Prime members. For over 20 years, Amazon been empowering small and medium-sized businesses with opportunities to grow. Buy with Prime is an exciting next step in our mission to help merchants of all sizes grow their business—whether on Amazon or beyond.
We are open to hiring candidates to work out of one of the following locations:
Singapore, SGP
Basic Qualifications
- Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience
- Minimum of 5 years of professional experience either in, or working closely with application security.
- Minimum 4 years of experience with any combination of at least 2 technical disciplines, including the following: code review, cloud security, network security, application security, mobile security, secure development methodologies, software development and coding, identity management, application penetration testing, authentication and authorization, network architecture, system administration, and systems engineering
- Experience with building or reviewing threat models
- Experience defining security controls with product/service teams
- Experience with one or more programming languages (such as Java, Python, etc) for the purpose of code review
Preferred Qualifications
- Professional experience conducting security assessments, including penetration testing- Ability to lead through influence within the software development life-cycle for multiple products and technologies, meeting customer expectations for security
- Experience implementing security solutions that resolve security and business risk trade-offs
- An understanding of networking and communication protocols (such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP, HTTPS, BGP)
- An understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures)
- Familiarity with reverse engineering or vulnerability research
- Professional experience with applied cryptography
- Familiarity with infrastructure or hardware security
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
15
4
0
Categories:
AppSec Jobs
Security Engineering Jobs
Tags: Application security Automation Cloud Computer Science Cryptography Java Mobile security Network security Pentesting Python Reverse engineering SDLC Security assessment TCP/IP TLS
Perks/benefits: Career development Flex hours Team events
Region:
Asia/Pacific
Country:
Singapore
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Penetration Tester jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsSenior Cyber Security Engineer jobsInformation System Security Officer jobsSenior Network Security Engineer jobsSecurity Consultant jobsPrincipal Security Engineer jobsSenior Penetration Tester jobsCloud Security Architect jobsChief Information Security Officer jobsIT Security Engineer jobsSecurity Specialist jobsSenior Information Security Analyst jobsStaff Security Engineer jobsCyber Security Specialist jobsCybersecurity Consultant jobsThreat Intelligence Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsIT Security Analyst jobs
RMF jobsEncryption jobsSaaS jobsMalware jobsSDLC jobsGDPR jobsIPS jobsSQL jobsEDR jobsIDS jobsForensics jobsTop Secret jobsSplunk jobsDoDD 8570 jobsITIL jobsBash jobsFinance jobsCompTIA jobsOWASP jobsUNIX jobsIntrusion detection jobsCRISC jobsTerraform jobsTCP/IP jobsDocker jobs
SANS jobsPolygraph jobsGIAC jobsData Analytics jobsActive Directory jobsThreat detection jobsBanking jobsClearance Required jobsCCSP jobsSOAR jobsAnsible jobsVPN jobsIT infrastructure jobsDNS jobsOSCP jobsGCIH jobsJira jobsJavaScript jobsSOX jobsArtificial Intelligence jobsSAP jobsSecurity strategy jobsSOC 2 jobsCyber defense jobsOracle jobs