AWS Security - Senior Cloud Security Engineer

Compensation

: $140,345.00 - $187,860.00 /year *

Employment Type

: Full-Time

Industry

: Defense/Security Clearance





As a Senior Product Security Engineer, you deeply understand the technology stack used at our company; you aim to identify and eliminate security vulnerabilities proactively. Your focus is to build tools and services that ensure the safety of our platform and its valued client data against commonly known attacks. You will lead within the Information Security team by scoping and delivering tooling and services while mentoring your teammates to ensure they are delivering in line with our team culture and practices.


The Product Security team works on the following:



  • Perform application threat modeling

  • Create the guiding application security documentation and advice to engineers

  • Coordinate and perform manual and automated code tests

  • Ownership and coordination of automation initiatives and projects

  • Ownership and coordination of the periodic application penetration tests and Bug Bounty program

  • Perform ad-hoc application and code security scans

  • Conduct analysis and share the root cause of common security issues within the code and how to avoid them

  • Act as the technical leader and mentor within Information Security as well as Product and Engineering teams


Requirements



  • 5+ years of relevant work experience on an internal security team, working either on the offensive or defensive sides of security

  • Demonstrate the ability to understand and discover attack surfaces, live and breath commonly known attacks such as Cross-Site Scripting, Remote Code Execution while navigating the source code comfortably

  • Demonstrate a firm understanding of cryptographic dos and don'ts

  • Have built and implemented security tooling and solutions in the product lifecycle, including security tooling for the Continuous Integration and Deployment pipeline

  • Familiarity and previous experience using Metasploit, Burp Suite, fuzzing, and Jenkins strongly preferred

  • Possess the restlessness ability and desire to break things

  • Demonstrate an understanding of application architectural patterns, such as MVC, microservices, event-driven architectures, etc

- provided by Dice
Associated topics: forensic, identity access management, idm, information security, security, security analyst, security engineer, security officer, violation, vulnerability * The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

Launch your career - Create your profile now!

Create your Profile

Loading some great jobs for you...