Security Engineer III - AMZ25957.4

Job description

Employer: Amazon Development Center U.S., Inc. Position: Security Engineer III - AMZ25957.4 Location: Arlington, VA Multiple Positions Available: 1.Conduct comprehensive security review within the Secure Software Development Life Cycle (SDLC) for Amazon and AWS services, specifically focusing on database, analytics, search, and storage product offerings. 2. Perform detailed design reviews and threat modeling for new features and offerings, including penetration testing coordination and vulnerability management for Amazon product teams' software. 3. Lead holistic security assessments of internal and external services supporting Amazon cloud offerings, with emphasis on identifying, documenting, and managing legacy vulnerabilities. 4. Execute peer reviews of security engineering work to ensure thorough due diligence, identify potential antipatterns, and validate security measures before feature releases. 5. Provide expert security consultation to software engineering teams, covering: Cryptography, Security in transit and at rest, Database security, Application security, Infrastructure security and Internal security processes. 6. Develop security review tools utilizing Java and Soot Framework for static code analysis, Python for semantic analysis and Automation solutions for ticketing and management processes. 7. Create comprehensive security documentation for database, analytics, search, and storage services to facilitate high-quality security analysis. 8. Conduct in-depth security code reviews of repositories and commits, including analysis of internal…