Application Security Engineer

Newark, NJ, United States Posted 4 days ago
PowerToFly approved because…

We believe the spoken word has the power to change people’s lives. Audible has reinvented a media category, becoming a powerhouse of creative and original content. We create sensational entertainment experiences that absorb the listener and enhance the character and quality of daily life. Because nothing can inspire, provoke and challenge like a gripping story – and this could be the beginning of your Audible story.

Audible Information Security team is looking for a Security Engineer to join our world class team. We are obsessed with protecting customer trust. We are a hands-on team working to protect our computer networks, servers, and applications. You will get the opportunity to work on the biggest and the fastest e-commerce platform in existence, Mobile Apps and the cloud infrastructure. You will work in the trenches with other Security Engineers, Application Developers and System Engineers to protect our customers and Audible’s business.

KEY RESPONSIBILITIES
· Preserve Audible and Amazon customer trust
· Take a leadership role in driving internal security and privacy initiatives
· Provide guidance on secure design and conduct security reviews to critical Audible applications and services
· Perform 3P security assessment and reviews
· Provide guidance on security solutions to protect applications, systems, and networks
· Provide guidance on risk, compliance, and policy to leadership
· Respond to security violations, vulnerabilities, and incident detections
· Evangelize security within Audible by contributing to Security Education Training and Awareness campaigns

BASIC QUALIFICATIONS

· BS in Engineering or Computer Science
· 5+ years of application security experience
· Certifications in CCCP, CISSP, or GSEC
· Experience with Incident Response
· Governance, Risk, and Compliance experience

PREFERRED QUALIFICATIONS

· Great interpersonal and communications skills and the ability to liaison for both technical and non-technical audiences
· Experience with AWS w/ concentration on AWS Security Services (IAM, VPC/NACLS/SG, GuardDuty, Inspector, KMS, WAF & Shield, and AWS Well-Architected best practices
· Experience with Web Application Architecture Security Review, Threat Modeling, Static Code Review, Penetration Testing, and Incident Response Planning
· Experience with third party risk analysis and management
· Current knowledge around web and mobile application vulnerabilities, attacks, and mitigation methods
· Strong understanding of information security principles and core technologies (CIA, encryption, identity, authN/authZ, SSO, Networking, web protocols, and privacy)
· Strong understanding of web and mobile application security best practices and secure architecture patterns
· Experience with Mobile Security Review and Testing (iOS or Android)
· Experience with security testing tools: BurpSuite, ZAP, AppScan, SQLMap, Wireshark/TCPdump, Metasploit, Security Monkey, Curl, etc.
· Proficient in one programming language – Java preferred
· Proficient in scripting language(s)

Mission

We’re passionate about connecting highly skilled women with leading companies commited to diversity and inclusion

Are you looking for your dream job? In Office. Flexible. Remote.

Join our Movement

Are you hiring? Join our platform for diversifying your team

Post a job