Amazon Corporate LLC Sr. Security Engineer in Broomfield, Colorado

Sr. Security Engineer Location: US-CO-Broomfield Job ID: 742939Company: : Amazon Web Services, Inc. Position Category: Systems,Quality, & Security Engineering Company/Location (search) :Country (Full Name): : United States Job DescriptionAt Amazon, we're working to be the most customer-centric company on earth.To get there, we need exceptionally talented, bright, and driven people.If you'd like to help us build the place to find and buy anything online,this is your chance to make history. The Data Center Global Services organization is looking for exceptionalindividuals to join our Data Center Systems security team as a Sr. SecurityEngineer. As a security engineer, you will drive, architect, andimplement the core functionalities and critical enhancements to our globalinfrastructure to make it the most secure environment available.The successful candidate will be an experienced security practitioner having atechnical background in risk management, vulnerability testing and productevaluation. Specifically, we are looking for someone with past experienceassessing industrial control and embedded systems for inherent risk. Thisposition will conduct testing and author assessment reports makingrecommendations for proposed product deployments of new hardware and softwarein our Data Centers. Location: Herndon, VA or Broomfield CO Your responsibilities will include:Focusing on real-time mission critical technologies of security: SCADA,electrical power, building management and other control systemsImplementing and maintaining security policyAdvising development staff on application securityHost and network security tools and implementationCoordinating intrusion and penetration testsLeading design reviews for complex systemsIdentify security issues and risks, and develop mitigation plansAdvise and consult with internal customers on risk assessment, threatmodeling and fixing vulnerabilitiesDevelop and interpret security policies and proceduresEvaluate and recommend new and emerging security products and technologiesParticipate in security compliance effortsBasic QualificationsB.S. Degree in Computer Science, Information Security, or related field.Must have solid working experience and knowledge of Windows and Unix/Linuxoperating systemsStrong experience with detailed technical knowledge in security engineering,system and network security, authentication and security protocols,cryptography, and application securityAt least 4 years of experience in infrastructure or application-levelvulnerability testing and auditingAt least 2 years of system, network and / or industrial controls securityexperienceScripting skills (e.g., Perl, shell scripting)Experience with the application of threat modeling or other riskidentification techniquesConsistent implementation of security solutions at the enterprise levelExcellent written and verbal communication skillsPreferred QualificationsM.S. Degree in Computer Science, Information Security or equivalentCertification in SCADA or Industrial Control Systems (GICSP or equivalent)Relevant industry certifications (CISSP, SANS/GIAC)Knowledge of controls protocols such as BACnet, Modbus, Modbus TCP/IP,LonWorks, and XMLExperience with cloud computing technologiesStrong knowledge of data structures, algorithms, and designing forperformance, scalability, and availabilityDetailed knowledge of system security vulnerabilities and remediationtechniques, including penetration testing and the development of exploitsExperience with web-based applications and/or web services-basedapplications, especially at massive scale, are very applicable and helpfulProgramming in C, C++, Java, Python, Perl, and/or RubyMeets/exceeds Amazon's leadership principles requirements for this roleMeets/exceeds Amazon's functional/technical depth and complexity for this roleAmazon is an Equal Opportunity-Affirmative Action Employer - Minority /Female / Disability / Veteran / Gender Identity / Sexual Orientation