Job Specifications
Description
At Audible, we believe stories have the power to transform lives. It’s why we work with some of the world’s leading creators to produce and share audio storytelling with our millions of global listeners. We are dreamers and inventors who come from a wide range of backgrounds and experiences to empower and inspire each other. Imagine your future with us.
About This Role
As a Security Engineer at Audible you will advocate for information security throughout all our software development and business processes. You will work with other Security Engineers, Application Developers, System Engineers, and Business Stakeholders to protect our customers and Audible’s business.
About The Team
Audible Information Security team is looking for an experienced Security Engineering Leader to join our world class team. We are obsessed with protecting customer trust. We are a hands-on team working to protect our computer networks, servers, applications and data assets.
As a Security Engineer, you will...
Contribute to designing, implementing, and executing security review and test methodologies for recurring testing of critical production services
Partner with service teams to ensure risks are remediated
Conduct design review, threat modeling, security review, and penetration testing on production systems
Scope and perform penetration testing and vulnerability research on complex proprietary software and hardware
Collaborate with internal development teams at Audible and Amazon to enhance security tooling and functionality at scale
Prepare and present detailed, written technical information for internal and external audiences
Participate in third party security risk assessments and due diligence (including helping to secure third-party integrations and partnerships)
Provide guidance on risk, compliance, and policy to technical and non-technical internal customers, including security training and outreach to internal teams and external supply chain partners
About Audible
Audible is the leading producer and provider of audio storytelling. We spark listeners’ imaginations, offering immersive, cinematic experiences full of inspiration and insight to enrich our customers daily lives. We are a global company with an entrepreneurial spirit. We are dreamers and inventors who are passionate about the positive impact Audible can make for our customers and our neighbors. This spirit courses throughout Audible, supporting a culture of creativity and inclusion built on our People Principles and our mission to build more equitable communities in the cities we call home.
Basic Qualifications
3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
2+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
2+ years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship) experience
Bachelor's degree in computer science or equivalent
Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security
Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or 2+ years of IT Security experience
Knowledge of networking protocols such as HTTP, DNS and TCP/IP
Knowledge of industry-based security vulnerabilities and remediation techniques
Experience in scripting, programming, and security code reviewing in a common programming language (non-internship)
Experience in troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship experience)
Preferred Qualifications
2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
2+ years of scripting, programming, or security code review in a common language, such as Python, Java or C++ experience
Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
Knowledge of networking protocols such as HTTP(S), DNS, and TCP/IP
Knowledge of networking protocols, to include HTTP(S), DNS, and TCP/IP
Experience with AWS products and services
Experience with programming languages such as Python, Java, C++
Experience in scripting, programming, or security code reviewing in a common language, such as Python, Java, or C++
Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees,