Security Engineer, Identity and Access Management
Amazon
DESCRIPTION
We are seeking a Security Engineer to participate in architectural reviews and threat models, and to develop and support requirements for Amazon’s Identity and Access Management initiatives. You will support programs that improve access management infrastructure across a complex global environment, develop policies and procedures for the identity lifecycle, and provide identity and authN/authZ design review and threat modeling services across the enterprise.
Data-driven decisions are important to Amazon. You will draw heavily on your experience collecting, analyzing, and summarizing data to create compelling written and verbal communications to peer teams and organizational leadership.
If you are excited about the challenges and opportunities described here and you have the background, education, and experience to excel in these areas, we’d love to talk with you further about our company, the team, and how you are uniquely qualified to join us!
Key job responsibilities
* Protect and secure Amazon authentication and authorization workflows.
* Participate in the analysis, troubleshooting, investigation and remediation of identity-security-related activities and events.
* Implement and maintain automated security audits to ensure identity workflows adhere to industry-standard security requirements.
* Create and maintain scripts to automate the generation of reports across various technologies.
* Collaborate with other Amazon Security Engineers to support cross-team programs and solutions.
* Work with teams on technologies such as Windows Single-Sign-On, Kerberos, FIDO/FIDO2, Passwordless Authentication, AuthZ, AuthN and Auditing.
A day in the life
The candidate will be responsible for implementing and supporting IAM initiatives, collaborating with Amazon business teams on secure design of their systems to protect Amazon and its customers' data. The candidate will work with team members to execute security initiatives and contribute to improving overall IAM posture. Responsibilities include implementing SAST/DAST detections and applying security best practices to business units and applications.
About the team
We primarily drive improvements to authentication and authorization for Stores, Digital and Other (SDO). We invest in deeply understanding the different ways Amazon does business to devise strategies that meaningfully improve security posture, while enabling business productivity. As a core component of modern technology, IAM provides security teams with a mechanism to holistically enforce central security policy and reduce the risk of fraud and lateral movement.
The role advises the business on IAM security risks and best practices through a combination of consultation and project engagements. The role envisions, advocates for and implements AmSec IAM guidance for human, device and service identity workloads.