Senior Security Engineer, Application Security Testing Automation | New York |

4 weeks ago

New York, United States Amazon.com Services LLC Full time
As a member of the Application Security Testing Automation team, you will help provide automated security testing solutions for all of Amazon. Our team’s goal is to empower both development and security teams with accurate security detections at the highest standards of quality in order to identify and eliminate risk across Amazon’s application portfolio.

As a Senior Security Engineer on our team, you will solve interesting security challenges that arise when Amazon invents new technologies. You will lead the team to prototype and build tools that enable developers to understand their vulnerabilities and how to effectively mitigate them. You will identify and apply opportunities to build new security services, improve existing ones and update our standards and documentation to have the widest possible impact for our customers. You will work proactively and autonomously with partner orgs to develop advanced security detection capabilities to solve complex Application Security challenges at scale.

You will lead by example, proactively improve the consistency of team processes, and help guide the technical direction of the team. Be active mentor for all team members and act as the voice for the team. You will work independently across multiple teams and organizations, build consensus on the direction of security automation and inform decisions made by senior security leaders. This role will routinely challenge your technical background and critical thinking. You will be expected to collaborate with our team’s stakeholders in a fast-paced environment across many technology stacks and services to deliver scalable solutions.

Acceptable office locations:
New York, NY

Key job responsibilities
- Define and drive strategy, act as a technical lead for the team
- Develop, curate, and improve application security detections (static and dynamic) to identify vulnerabilities in Web applications and Application Programming Interface (API) at scale
- Drive security tool evaluation, development and deployment
- Perform dynamic and static application security assessments to ensure the highest quality standard for our detection development and release process
- Risk assessment and Threat Modeling
- Develop, enhance, and interpret security standards and guidance
- Demonstrate and promote security best practices, drive improvements of Amazon’s overall security architecture

A day in the life
- Educate developers on security issue remediation and best practices
- Researching prevalent vulnerabilities with other security teams
- Collaborate with multiple stakeholders to collectively raise the security posture of Amazon
- Review code, running endpoints, APIs, and other platforms to identify security issues
- Presenting findings and discussing security risk with technical and non-technical stakeholders
- Reporting on automation breadth and depth metrics while improving internal processes
- Use technical depth to provide wide coverage for the team and also be able to deep dive into specific work areas to help unblock other team members

About the team
Our team's vision is to eliminate security threats from entering the production landscape of Amazon developed applications. We strive to reduce manual security testing efforts through automation across all web and API application portfolio and inject continuous non-disruptive security testing methodologies across Amazon's SDLC phases to provide service owners actionable and useful security feedback.

About Amazon Security

Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

We are open to hiring candidates to work out of one of the following locations:

New York, NY, USA

BASIC QUALIFICATIONS

- Bachelor's degree
- Broad and deep knowledge across application security domains
- 8+ years of Application Security or Development experience
- Experience with the application of threat modeling or other risk identification techniques.
- Scripting skills (e.g., python, java)

PREFERRED QUALIFICATIONS

- MS in Computer Science or Cybersecurity
- Development experience in Python and/or Java.
- Secure software development lifecycle experience.
- Knowledge of distributed systems and security protocols.

  • Senior Security Engineer, Application Security

    2 months ago

    New York, New York, United States Grow Therapy Full time

    What You'll Be Doing:We are looking for a Senior Security Engineer to help us establish the Application Security vertical of Grow Therapy, and who will help build a secure product platform for Grow. You'll be the first hire in this area, and will report directly to our Head of Security Your responsibilities will include: Identify and implement improvements...

  • Senior Security Content Engineer

    1 month ago

    New York, United States BlueVoyant Full time

    Job DescriptionJob DescriptionSenior Security Content Engineer Senior Security Content Engineer needed in New York, NY to assist our global customers manage their deployments and Azure cloud security solutions. Derive security insights through generating detection logic, automation and visualizations.Ideate and create client-facing detections to surface...

  • Senior Security Content Engineer

    2 weeks ago

    New York, United States BlueVoyant Full time

    Job DescriptionJob DescriptionSenior Security Content Engineer Senior Security Content Engineer needed in New York, NY to assist our global customers manage their deployments and Azure cloud security solutions. Derive security insights through generating detection logic, automation and visualizations.Ideate and create client-facing detections to surface...

  • Senior Application Security Engineer

    4 weeks ago

    New York, United States Motion Recruitment Partners, LLC Full time

    A financial regulatory organization in NYC is looking for a Senior Application Security Engineer to join their robust security team. We're looking for someone with strong experience working alongside developers to resolve security vulnerabilities with their various web applications. We're also looking for someone who will be comfortable training and guiding...

  • Senior Application Security Engineer

    2 weeks ago

    New York, United States FalconX Full time

    Who are we? FalconX is the most advanced digital asset platform for institutions. We provide trade execution, credit & treasury management, prime offering and market making services. Given our global operations, industry-leading technology and deep liquidity, we have facilitated client transactions of $1 trillion in volume. Our products & services are...

  • Senior Application Security Engineer

    3 days ago

    New York, United States FalconX Full time

    Who are we? FalconX is the most advanced digital asset platform for institutions. We provide trade execution, credit & treasury management, prime offering and market making services. Given our global operations, industry-leading technology and deep liquidity, we have facilitated client transactions of $1 trillion in volume. Our products & services are...

  • Events & Production Security Guard - New York City

    2 weeks ago

    New York, United States Knight Security Full time

    Are you interested in ensuring the safety and security of high-profile events and productions in the heart of New York City? We are seeking experienced Security Guards to join our team. As an Events & Production Security Guard, you will play a crucial role in maintaining a safe environment for our clients, guests, and staff. **Responsibilities**: - Provide...

  • Events & Production Security Guard - New York City

    5 days ago

    New York, United States Knight Security Full time

    Are you interested in ensuring the safety and security of high-profile events and productions in the heart of New York City? We are seeking experienced Security Guards to join our team. As an Events & Production Security Guard, you will play a crucial role in maintaining a safe environment for our clients, guests, and staff. **Responsibilities**: - Provide...

  • Senior Security Engineer, Application Security

    2 months ago

    New York, New York, United States tapwage Full time

    About us:Grow Therapy is on a mission to serve as the trusted partner for therapists growing their practice, and patients accessing high-quality care. Powered by technology, we are a three-sided marketplace that empowers providers, augments insurance payors, and serves patients. Following the mass increase in depression and anxiety, the need for...

  • Senior Security Automation Engineer

    3 days ago

    New York, United States Ro Full time

    Who We Are Ro is a direct-to-patient healthcare company with a mission of helping as many patients as possible achieve their health goals. Ro is the only company to offer telehealth care, at-home diagnostic testing, labs, and pharmacy services nationwide. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a...

  • Senior Field Applications Engineer

    3 weeks ago

    New York, United States Copia Automation Full time

    Who you are We are seeking a Senior Field Applications Engineer to support the implementation of Copia’s DeviceLink product in industrial automation settings, including discrete manufacturing and material handling. This role is part of our Strategy and Operations team, partnering with sales and customer success to accelerate time to value for our...

  • Senior Field Applications Engineer

    2 weeks ago

    New York, United States Copia Automation Full time

    Who you are We are seeking a Senior Field Applications Engineer to support the implementation of Copia's DeviceLink product in industrial automation settings, including discrete manufacturing and material handling. This role is part of our Strategy and Operations team, partnering with sales and customer success to accelerate time to value for our customers. ...

  • Senior Field Applications Engineer

    3 weeks ago

    New York, New York, United States Copia Automation Full time

    Who you areWe are seeking a Senior Field Applications Engineer to support the implementation of Copia's DeviceLink product in industrial automation settings, including discrete manufacturing and material handling. This role is part of our Strategy and Operations team, partnering with sales and customer success to accelerate time to value for our customers....

  • Senior Security Achitect

    4 weeks ago

    New York, United States GuidePoint Security Full time

    GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoi Security, Business Systems, Remote, Senior, Technical, Technology

  • Security Engineer I, Offensive Security Penetration Testing

    1 week ago

    New York, United States Amazon.com Services LLC Full time

    Amazon’s Information Security Penetration Testing Team is seeking a Security Engineer to help keep Amazon secure for its customers. In this role, you will attack Amazon’s services, applications, and websites to discover security issues and report them to our internal technology teams. This position will provide you with challenging opportunities, both...

  • Senior Software Security Engineer

    2 months ago

    New York, New York, United States Motion Recruitment Full time

    A marketing automation SaaS company is looking for a Senior Software Security Engineer to work with their development team. We're looking for someone who comes from a software development background and is also comfortable working with SDLC security tooling, like SAST and web app penetration testing tooling. You'll be helping to develop our application while...

  • Senior Software Security Engineer

    1 week ago

    New York, New York, United States Motion Recruitment Full time

    A marketing automation SaaS company is looking for a Senior Software Security Engineer to work with their development team. We're looking for someone who comes from a software development background and is also comfortable working with SDLC security tooling, like SAST and web app penetration testing tooling. You'll be helping to develop our application while...

  • Senior Corporate Security Engineer

    2 weeks ago

    New York, United States Cockroach Labs Full time

    Databases are the beating heart of every business in the world. Cockroach Labs is the team behind CockroachDB, an open source, distributed SQL database. In addition to the open source version of the DB we are proud to offer our self-service, fully managed cloud offerings of CockroachDB with Dedicated and Serverless options. We aim to build infrastructure...

  • IT Security Specialist

    3 weeks ago

    New York, United States City of New York Full time

    Company DescriptionJob Description JOB DESCRIPTION: The mission of the New York City Police Department is to enhance the quality of life in New York City by working in partnership with the community to enforce the law, preserve peace, protect the people, reduce fear, and maintain order. The NYPD strives to foster a safe and fair city by incorporating...

  • IT Security Specialist

    2 weeks ago

    New York, United States City of New York Full time

    Company DescriptionJob Description JOB DESCRIPTION: The mission of the New York City Police Department is to enhance the quality of life in New York City by working in partnership with the community to enforce the law, preserve peace, protect the people, reduce fear, and maintain order. The NYPD strives to foster a safe and fair city by incorporating...