Security Engineer - Penetration Tester - Finance Business Services
If you love to build, to invent, to pioneer on a high performance team that's passionate about operational excellence
—we'd love to hear from you.
The Corporate Finance Business Services Team is looking for a penetration tester to perform penetration tests on its financial infrastructure and applications.
The scope of this role includes performing the full cycle of penetration testing engagements - from scoping, through threat modeling, information gathering, discovery, vulnerability assessment, active testing, pivoting and reporting. Your engagements will include internal, external, web, mobile and additional environments.
As a Penetration Tester you will be responsible for working closely with other teams at Amazon, while testing their application environments. You will exhibit a strong sense of customer obsession while working with those teams in a consulting facility. You will be providing deep security expertise and insight to correctly identify and reflect the security risks and vulnerabilities while working with them on remediation strategies.
- Perform full cycle engagements of penetration testing on business units independently, or as part of a team.
- Configure, run and monitor automated security testing tools
- Perform manual validation of vulnerabilities
- Perform manual penetration testing of client systems, websites and networks to discover vulnerabilities
- Thoroughly document exploit chain/proof of concept scenarios for client consumption
- Communication skillset to influence VPs, Directors, and Financial and Technology Leaders to prioritize and execute remediation plans
- Ability to develop innovative tools, solutions, processes which scale
- Programming experience in Python, PHP, Perl, Ruby, .NET or other interpreted or compiled languages
- Familiarity with vulnerability assessment and penetration best practices
- Experience with vulnerability and penetration testing techniques and tools
- Security testing tools including Metasploit, Nmap, Nessus, Burp Suite
- Linux operating systems
- Microsoft technologies
- Mobile application programming and/or security testing
- Wireless technologies
- Web application technologies
- Source code analysis software
- Intermediate to advanced Microsoft Office Suite (i.e., Word, Excel, PowerPoint)
- Network implementation (operational and security)
- Telephony Technologies (analog and IP)
- Social engineering
- Physical security
- Hardware hacking
Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation
Founded by Jeff Bezos, the Amazon.com website started in 1995 as a place to buy books because of the unique customer experience the Web could offer book lovers. Bezos believed that only the Internet could offer customers the convenience of browsing a selection of millions of book titles in a single sitting. During the first 30 days of business, Amazon fulfilled orders for customers in 50 states and 45 countries - all shipped from his Seattle-area garage.
Amazon's evolution from Web site to e-commerce partner to development platform is driven by the spirit of innovation that is part of the company's DNA. The world's brightest technology minds come to Amazon.com to research and develop technology that improves the lives of shoppers and sellers around the world.
e-Commerce, Retail, Operations, Internet
Company Type: Public Company
Company Size: 10,001+
- Cloud Security Architect
- Cloud Security Architect
- Cloud Security Strategist
- Information Security, Security Assessor
- Manager - Infrastructure Security
- Manager, Information Security
- Security Architect, AmazonBooks Systems
- Security Engineer
- Security Engineer Intern
- Security Engineering Manager - Penetration Testing
- Security Operations Engineer, AWS