Senior Security Engineer, Vulnerability Management and Remediation

Amazon is seeking for a Senior Security Engineer to join the Vulnerability Management and Remediation team in Sydney, Australia.
The VMR team is responsible for the discovery, assessment, triage, and remediation of vulnerabilities across Amazon. We are data-driven, set big goals, and are always challenging ourselves and each other to identify better solutions and take on new challenges. Our team offers the unique opportunity to work with leading industry security experts and engage across Amazon teams and leadership.

As a Senior Security Engineer, you will be responsible for the timely and accurate detection of vulnerabilities across the complexity and scale of the Amazon ecosystem. Your teammates are a global team of security engineers, software developers, and technical program managers dedicated to continuously raising the security bar.

Key job responsibilities
- Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.
- Lead the detection and analysis of vulnerabilities through the development and optimization of vulnerability scanning, correlation, and prioritization capabilities.
- Thoroughly investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.
- Design and implement automation, tools and workflows to enhance our operations capabilities.
- Partner with software engineering and operations teams to identify and increase coverage and detection capability gaps across Amazon.
- Mentor and train junior security engineers, sharing your expertise in vulnerability management best practices.
- Collaborate with information security leadership to set the strategic direction for the VMRO program and report on key performance metrics.
- Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.

About the team
Our team operates out of our fabulous Sydney Office.

Basic Qualifications:
- BS degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree; or 5+ years equivalent technology experience
- 7 years engineering experience in system, network, and/or application security or the development of security products.
- 5 years experience improving the operations of vulnerability discovery mechanisms across a diverse technical ecosystem
- 5 years experience in operations, automation and process improvement and building applications on cloud-based services.

Preferred Qualifications:
- Experience in vulnerability management particularly in host and OS detection engineering.
- Experience with implementing and operating a wide range of vulnerability management tools.
- Experience building with AWS services.

Acknowledgement of country:
In the spirit of reconciliation Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.

IDE statement:
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

---