Manager, Application Security at Amazon
Amazon Payments Services build systems that process payments at an unprecedented scale, with accuracy, speed, and mission-critical availability. We process millions of transactions every day worldwide across various payment methods. Over 100 million customers and merchants send hundreds of billions of dollars moving at light-speed through our systems annually. We are re-inventing the vision of our platform to provide the best payment gateway service, benchmarked against the top external alternatives.
We are looking for a highly skilled, experienced, and motivated application security manager to lead and grow application security team for Amazon Payments. This team owns all aspects of security for all Amazon Payments applications and services. You and your team will be responsible for (a) integrating security requirements, (b) proactively performing security assessments to prevent security vulnerabilities, (c) conducting trainings and hackathon to raise developer awareness of security best practices, (d) performing security testing before release, and (e) partnering closely with our development teams to produce innovative and secure solutions.
As a security leader, you will (a) innovate and solve security challenges at a massive scale, (b) participate in the Amazon Payments security direction, road-map planning, project execution scheduling, (c) hire, build and manage team of security engineers and leaders, and (d) foster strong team culture.
A successful candidate will be a deeply curious individual who brings technical and leadership expertise, and ability to work within a fast-paced startup culture in a large company that has broad business impact. This is a unique and rare opportunity to get in on the ground floor and start on the Amazon Payments innovation as a security leader.
Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.
· 5+ years of experience leading, managing & developing high performance teams
· 3+ years of progressive experience within a software security team or similar operating environment with in-depth understanding of application security assessment methodologies such threat modeling, secure design reviews, secure code review, and penetration testing
· BA/BS in computer science, information security, related discipline, or equivalent work experience
· Hands-on knowledge of information security technologies such as security design review, threat modeling, secure code review, risk analysis, and penetration testing
· Experience with multiple programming languages (such as, Java, Python, Perl, Scala, etc.)
· Experience with vulnerability risk and impact assessment
· Experience in driving large, cross-organization initiatives
· Ability to make concrete progress in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)
· Strong information security risk-based prioritization abilities
· Information security professional certifications encouraged (SANS GIAC, CISSP etc.)
· Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts
· Excellent attention to detail
· MA/MS in computer science/related field
· Meets/exceeds Amazon’s leadership principles requirements for this role
· Meets/exceeds Amazon’s functional/technical depth and complexity for this role