Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
Senior Security Engineer, ReSec Red Team image - Rise Careers
Job details

Senior Security Engineer, ReSec Red Team - job 1 of 2

Description

The ReSec Red Team members participate in security research and review, penetration testing, threat modeling and design. We are looking for a Senior Security Engineer with a focus on database security to help ensure our services and applications are designed and implemented to the highest security standards. We need individuals who are passionate about security and vulnerability research as well as database technologies.

Basic Qualifications

- 6+ years' experience in software security (vulnerability research, penetration testing, etc)
- Bachelors' degree in Computer Science or similar field or equivalent work experience.
- Deep knowledge and experience in Linux and Linux internals
- Working knowledge of at least one scripting language (shell, Python, Perl).
- Working knowledge of at least one relation databases with the focus on user and role management, authentication/authorization and network protocol

Preferred Qualifications

- Passionate about computer security and desire to explore and find security issues (“break things”).
- Experience performing or supporting Red Team engagements / penetration testing
- Participation in computer security competitions (CTFs), Bug Bounty programs, opensource security research, CVE analysis
- Domain expertise in at least 3 of: security architecture and engineering, communication and network security, identity and access management (IAM), security assessment and testing, cryptography, and software development security.
- A data-driven and quantitative mentality—you excel in supporting ideas with available evidence.
- Experience with the design and implementation of technical security controls at the business division level.
- Experience engineering, administering or managing at least one relational database engine, preferably MySQL/MariaDB or PostgreSQL
- Experience with AWS or similar enterprise cloud computing platforms.
- Experience with full-stack (Linux / Unix) software architectures from UI to infrastructure.
- Working knowledge of C/C++
- Experience with managing security incidents and threat response

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.

Average salary estimate

$195450 / YEARLY (est.)
min
max
$143300K
$247600K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Senior Security Engineer, ReSec Red Team, Amazon

Are you ready to take your security expertise to the next level? At ReSec, we’re on the lookout for a Senior Security Engineer to join our passionate Red Team in Seattle, Washington. Here at ReSec, we believe that security is not just a checkbox—it's a commitment to excellence in everything we do. As a Senior Security Engineer focusing on database security, your expertise in penetration testing, vulnerability research, and threat modeling will help us design and implement secure services and applications. You'll be diving deep into Linux systems and engaging with relational databases, ensuring that user and role management, as well as authentication and authorization, are top-notch. If you have over six years of experience in software security, a degree in Computer Science or equivalent, and a zest for breaking things to make them better, we want to hear from you! At ReSec, we thrive on innovation, teamwork, and a culture that values diverse perspectives. Join us in our mission to enhance security standards, and let’s build a safer digital world together. Your passion for computer security, combined with your knowledge of AWS and full-stack software architectures, will be pivotal in our efforts to preemptively address and remediate security threats. Apply today and be a crucial part of our exciting journey!

Frequently Asked Questions (FAQs) for Senior Security Engineer, ReSec Red Team Role at Amazon
What are the primary responsibilities of a Senior Security Engineer at ReSec?

As a Senior Security Engineer at ReSec, your key responsibilities include conducting security research, executing penetration tests, participating in threat modeling, and ensuring our applications meet stringent security standards. You'll also engage in vulnerability research, contributing to our Red Team's efforts to identify and mitigate potential security threats.

Join Rise to see the full answer
What qualifications do I need to apply for the Senior Security Engineer position at ReSec?

To be considered for the Senior Security Engineer role at ReSec, you should have a minimum of 6 years of experience in software security, with a strong foundation in vulnerability research and penetration testing. A Bachelor’s degree in Computer Science or a related field is preferred, alongside in-depth knowledge of Linux, scripting languages, and relational databases.

Join Rise to see the full answer
How important is database security knowledge for the Senior Security Engineer role at ReSec?

Database security knowledge is crucial for the Senior Security Engineer position at ReSec. You'll specialize in mitigating risks associated with relational databases, focusing on user and role management, authentication, and authorization processes. A deep understanding of database technologies will enhance your ability to protect sensitive data effectively.

Join Rise to see the full answer
Can you explain the work environment and culture at ReSec for a Senior Security Engineer?

The work environment at ReSec is collaborative, innovative, and inclusive, emphasizing teamwork in addressing security challenges. As a Senior Security Engineer, you'll work with a group of dedicated professionals who value diverse perspectives and encourage knowledge sharing, making it a vibrant place for growth and learning.

Join Rise to see the full answer
What additional skills can enhance my candidacy for the Senior Security Engineer role at ReSec?

While the core qualifications for the Senior Security Engineer position at ReSec are essential, additional skills like experience with cloud platforms (AWS), software development security, and participation in security competitions can significantly bolster your candidacy. A passion for exploring security issues and a data-driven mindset will set you apart.

Join Rise to see the full answer
Common Interview Questions for Senior Security Engineer, ReSec Red Team
What tools and techniques do you typically use for penetration testing?

When discussing penetration testing tools, you might mention popular options such as Metasploit, Burp Suite, and Nmap. Explain that you adapt your approach based on the environment and specific goals, emphasizing the importance of thorough reconnaissance and vulnerability analysis before executing tests.

Join Rise to see the full answer
How do you approach threat modeling in a project?

In threat modeling, start by identifying valuable assets and understanding potential threats against them. Discuss methodologies like STRIDE or PASTA, and emphasize collaborative efforts with development teams to validate findings and implement necessary security measures proactively.

Join Rise to see the full answer
Can you explain a time you identified a vulnerability? What actions did you take?

When recounting a specific instance, describe the vulnerability's nature and the environment you were in. Talk about the steps you took to report it, collaborate with the team for remediation, and the final results, showcasing your problem-solving skills and teamwork in addressing security challenges.

Join Rise to see the full answer
What experience do you have with secure coding practices?

Discuss your familiarity with secure coding principles such as input validation, proper error handling, and encryption. Mention specific languages or frameworks you’ve worked with and share how you’ve influenced development teams to adopt these practices in their workflows.

Join Rise to see the full answer
How do you stay updated with the latest security trends?

Share your routine for staying updated on security trends, such as following reputable blogs, participating in conferences, and engaging in online communities. Mention any relevant certifications or training programs you pursue to deepen your expertise continually.

Join Rise to see the full answer
Describe your experience with incident response and threat management.

Highlight your involvement in incident response processes, including preparation, detection, analysis, and recovery. Discuss any specific incidents you managed, the methods you employed for assessing and mitigating threats, and the importance of a well-organized response plan.

Join Rise to see the full answer
How would you conduct a security assessment on a new application?

Start with a risk assessment to identify critical assets and potential vulnerabilities. Discuss the importance of manual and automated testing approaches, followed by code reviews and collaboration with developers to ensure vulnerabilities are fixed before deployment.

Join Rise to see the full answer
What methods do you use to evaluate the effectiveness of security controls?

Explain your approach, which may involve regular audits, penetration testing, and monitoring. Highlight the importance of data-driven assessments and making recommendations based on collected evidence to strengthen security posture continuously.

Join Rise to see the full answer
How do you ensure compliance with security standards in your work?

Discuss familiarity with regulatory frameworks like GDPR, PCI DSS, and how you incorporate compliance into your processes. Emphasize proactive measures, continuous education, and collaboration with stakeholders to meet necessary standards effectively.

Join Rise to see the full answer
What strategies do you employ for database security?

Discuss various strategies such as implementing strong access controls, regularly auditing user roles, employing encryption, and monitoring database activity for unusual patterns. Emphasize your proactive approach in ensuring database security best practices are followed.

Join Rise to see the full answer
Similar Jobs
Photo of the Rise User
Amazon Hybrid Illinois, USA
VIEW
Posted 8 days ago
Inclusive & Diverse
Rise from Within
Mission Driven
Diversity of Opinions
Work/Life Harmony
Transparent & Candid
Growth & Learning
Fast-Paced
Collaboration over Competition
Take Risks
Friends Outside of Work
Passion for Exploration
Customer-Centric
Reward & Recognition
Feedback Forward
Rapid Growth
Medical Insurance
Paid Time-Off
Maternity Leave
Mental Health Resources
Equity
Paternity Leave
Fully Distributed
Flex-Friendly
Some Meals Provided
Snacks
Social Gatherings
Pet Friendly
Company Retreats
Dental Insurance
Life insurance
Health Savings Account (HSA)
Photo of the Rise User
Amazon Hybrid New Jersey, USA
VIEW
Posted 8 days ago
Inclusive & Diverse
Rise from Within
Mission Driven
Diversity of Opinions
Work/Life Harmony
Transparent & Candid
Growth & Learning
Fast-Paced
Collaboration over Competition
Take Risks
Friends Outside of Work
Passion for Exploration
Customer-Centric
Reward & Recognition
Feedback Forward
Rapid Growth
Medical Insurance
Paid Time-Off
Maternity Leave
Mental Health Resources
Equity
Paternity Leave
Fully Distributed
Flex-Friendly
Some Meals Provided
Snacks
Social Gatherings
Pet Friendly
Company Retreats
Dental Insurance
Life insurance
Health Savings Account (HSA)
F
Flooid Remote No location specified
VIEW
Posted 8 days ago
Photo of the Rise User
BlackCloak Remote United States
VIEW
Posted 6 days ago
Photo of the Rise User
Unison Consulting Pte Ltd Remote No location specified
VIEW
Posted 2 days ago
Photo of the Rise User
QAD, Inc. Remote Mumbai, India
VIEW
Posted 7 days ago
Photo of the Rise User
Vanta Remote London
VIEW
Posted 7 days ago
Inclusive & Diverse
Growth & Learning
Customer-Centric
Collaboration over Competition
Medical Insurance
Maternity Leave
Flex-Friendly
401K Matching
Photo of the Rise User
Zocdoc Remote New York, NY, United States
VIEW
Posted 8 days ago
Photo of the Rise User
Mindera Remote No location specified
VIEW
Posted 7 days ago
Photo of the Rise User
The Browser Company Remote No location specified
VIEW
Posted 6 days ago
Photo of the Rise User By Amazon

Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking.

1887 jobs
MATCH
Calculating your matching score...
CULTURE VALUES
Inclusive & Diverse
Rise from Within
Mission Driven
Diversity of Opinions
Work/Life Harmony
Transparent & Candid
Growth & Learning
Fast-Paced
Collaboration over Competition
Take Risks
Friends Outside of Work
Passion for Exploration
Customer-Centric
Reward & Recognition
Feedback Forward
Rapid Growth
BENEFITS & PERKS
Medical Insurance
Paid Time-Off
Maternity Leave
Mental Health Resources
Equity
Paternity Leave
Fully Distributed
Flex-Friendly
Some Meals Provided
Snacks
Social Gatherings
Pet Friendly
Company Retreats
Dental Insurance
Life insurance
Health Savings Account (HSA)
FUNDING
DEPARTMENTS
SENIORITY LEVEL REQUIREMENT
INDUSTRY
TEAM SIZE
LOCATION
EMPLOYMENT TYPE
Full-time, on-site
DATE POSTED
January 10, 2025

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!
Show me relevant jobs ASK RISA ✨
ABOUT RISE
FOR COMPANIES
REMOTE JOBS & MORE
LOOKING FOR A JOB?
FIND A JOB NEAR ME
POPULAR JOBS
Rise logo
Privacy Policy and Terms of Service
© 2021 Work Rise LLC. All rights reserved.
Proudly made in NYC.
CONNECT
Facebook Instagram LinkedIn Tiktok