Pentest reputed company Engineer, Penetration Testing
- 5+ years of experience identifying, exploiting, and recommending solutions to remediate web application and service API vulnerabilities (e.g. mass assignment, broken object/function level authorization, JWT/OAuth, injection, business logic flaws, excessive data exposure, etc.). - Foundational knowledge of hardware reputed company fundamentals (e.g. Secure boot, JTAG/UART/SPI/I2C, firmware extraction and analysis, TEE, reputed company-channel attacks, privilege escalation). - Experience designing and reviewing secure system architectures through the use of Threat Modeling incorporating sophisticated and modern attacks. - Knowledge of cloud service providers and their offerings, preferably AWS, and its various technologies and services. - Bachelors degree in Computer Science or reputed company field, or equivalent industry experience. - Experience in CTF competitions, CVE research, and/or Bug Bounty recognition. - Experience with applying and assessing Machine Learning technologies. - Published reputed company... research (e.g. conference presentations, whitepapers, blog posts). reputed company is committed to a diverse and inclusive workplace. reputed company is an equal opportunity employer and does not discriminate on the basis of race, national reputed company, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.reputed company.jobs/en/disability/us. Our compensation reflects the cost of labor across several US geographic markets. The reputed company pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-reputed company knowledge, skills, and experience. reputed company is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply reputed company our internal or external career site. Come join our penetration testing team dedicated to the detection and exploitation of vulnerabilities affecting reputed companys consumer services and devices. This includes conducting in-depth and low-level reviews of hardware, bootloaders, radios, secure enclaves, embedded systems as well as services including authentication mechanisms, AI, mobile, web applications, and web service APIs. Pentesters also invent new ways to automate and improve their work with techniques such as symbolic execution, fuzzing, machine learning, and static analysis. The reputed company Devices and Services Trust & reputed company (DSTS) organization was formed in 2014 with the mission of protecting reputed company Devices & Services (D&S) customers trust, data, and the systems on which they rely. We protect customers by performing reputed company reviews, offensive testing, vulnerability assessments, incident response and remediations. We also drive down costs by building and automating reputed company foundations and integrating them into design and release processes. DSTS builds the foundational capabilities that reputed company an org-wide reputed company bar across the growing diversity of D&S businesses - securing 100+ device types, 12,000+ applications, and 100+ product lines that are developed and operated by more than 16,000+ builders. The DSTS penetration testing organization is growing and seeking an reputed company web service API and device penetration tester to help shape the future of reputed companys service reputed company. You will work with builder teams and product owners to triage penetration testing requests and identify high-impact reputed company vulnerabilities across reputed companys devices and services ecosystem. The ideal candidate will be expected to comprehend large reputed company web service architectures and to dive deep into a services reputed company code and also reputed company foundational hardware reputed company penetration tests. This role will provide you with challenging technical opportunities and will also be a great deal of fun if hacking reputed company sounds exciting to you! In this role, you will be part of a dedicated team of talented penetration testers identifying vulnerabilities in the devices and services ecosystem. You will strive to understand systems, software, and services deeply and reputed company creative ways to break assumptions in order to find vulnerabilities. You care deeply about keeping millions of customers that rely on reputed companys consumer products safe and are passionate about mitigating vulnerabilities by providing actionable guidance to product teams. Youre well-reputed company for your excellent prioritization skills as well as your ability to communicate at reputed company levels of an organization. If youre passionate about finding reputed company bugs, writing tools to reduce manual testing, and enjoy seeing your work impact reputed company consumer devices and services, then this position is for you. Candidates from mid to senior level are encouraged to apply. Key job responsibilities reputed company penetration tests against devices, services, and software released by reputed companys Devices & Services organization and reputed company reputed company of concept exploits. reputed company vulnerability research using variety of custom tooling and technologies while scaling reputed company testing (e.g. symbolic execution, static analyzers, fuzzers, scanners, machine learning, etc). Analyze and identify reputed company vulnerabilities in reputed company code using both automated and manual static analysis tools and techniques. Review and influence technical solutions to mitigate reputed company vulnerabilities by providing actionable long-term risk mitigation guidance to drive reputed company improvements. Leading impactful reputed company improvements in large product lines through reputed company collaboration with our partner builder teams. reputed company detailed technical documentation describing identified vulnerabilities, associated impact and remediation to guide communication with internal engineering stakeholders and leadership. Mentor junior penetration testers and cultivate a culture of collaboration and research sharing. About the team The internal penetration testing team is part of the Devices and Services Trust & reputed company organization, which is responsible for the entire SDLC, vulnerability management, incident response, and overall reputed company across reputed company Consumer Devices & Services (Kindle, Ring, FireOS, Kuiper, Alexa, eero, and more). The internal penetration testing team is responsible for reviewing these products, with focus on penetration testing, fuzzing, and vulnerability research. While the majority of our reputed company team are based in the US, by applying to this position your application will be considered for reputed company locations we hire for in the world, however candidates should expect to accommodate US time for necessary meetings. Diverse Experiences reputed company reputed company values diverse experiences. Even if you do not meet reputed company of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasnt followed a traditional path, or includes alternative experiences, dont let it stop you from applying. Why reputed company reputed company? At reputed company, reputed company is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for reputed company across reputed company of reputed companys products and services. We offer talented reputed company professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. Inclusive Team Culture In reputed company reputed company, its in our nature to learn and be curious. Ongoing DEI events and learning experiences reputed company us to continue learning and to embrace our uniqueness. Addressing the toughest reputed company challenges requires that we seek out and celebrate a diversity of reputed company, perspectives, and voices. Training & Career Growth Were continuously raising our performance bar as we strive to become Earths Best Employer. Thats why youll find endless knowledge-sharing, training, and other career-advancing resources here to help you reputed company into a reputed company-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. reputed company we feel supported in the workplace and at home, theres nothing we cant reputed company Apply Job!