The Amazon Devices team designs and engineers high-profile consumer electronics, including the best-selling Kindle family of products. We have also produced groundbreaking devices like Fire tablets, Fire TV, Amazon Dash, and Amazon Echo. What will you help us create?
Amazon Lab126 is looking for an Embedded Security Engineer to research and prototype detection techniques to identify malicious activities that could harm our customers’ devices (e.g. Echo, FTV, FireTablet, IOT devices, etc.). In this role, you will be part of a dedicated team of talented security engineers investigating Linux Kernel, OS and application level attack techniques (e.g. tracing, debugging, reverse engineering, etc.) and propose detection mechanisms. You will need to understand low level operating system security controls (e.g. Linux Kernel, SELinux, Android Security, etc.), network and application security controls, and how you can spot indicator of compromises on a consumer device. You will use security threat intelligence data from multiple sources. Once your prototype for abuse detection and defense mechanism is validated, you will collaborate with software developers in various device OS teams to ship those new techniques to our consumer devices (e.g. FireOS, embedded Linux, etc.). The team has many opportunities to innovate in the device security field (e.g., Zero-day exploit, Hardware security, Linux/Android Security, Machine Learning, Big data, etc.). Your work directly impacts millions of customer devices. If you want to keep customers safe, then we have a job for you!
About the team
You will be joining the device abuse detection team which is part of the Digital Security organization. You can learn more about Digital Security here: https://www.youtube.com/watch?v=k0UTTxzeGog. The device abuse detection team is a product security oriented team that builds detection and defense mechanisms against device and IOT security threats. We use multiple threat intel sources to prototype and productize threat detection techniques.
· Bachelor’s degree in Computer Science, Computer Engineering, or related field
· Master’s degree in Computer Science or equivalent
· Experience with Android/IOT Security and/or Linux kernel security
· Experience with malware analysis and reverse engineering
· Development experience in C, C++ and/or Java/Android
· Experience with scripting (e.g., python, bash)
· Experience with security engineering, system and network security, authentication and security protocols, cryptography, and application security
· Experience with the application of threat modeling or other risk identification techniques
· Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
· Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
· Experience with Machine Learning is a plus.
· Excellent written and verbal communication skills
· Excellent leadership skills and teamwork skills
· Results oriented, high energy, self-motivated
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.