Application Security Engineer

Newark, NJ, United States Posted 15 days ago
Main Location
Newark, NJ, United States
Open jobs
PowerToFly approved because…

We believe the spoken word has the power to change people’s lives. Audible has reinvented a media category, becoming a powerhouse of creative and original content. We create sensational entertainment experiences that absorb the listener and enhance the character and quality of daily life. Because nothing can inspire, provoke and challenge like a gripping story – and this could be the beginning of your Audible story.

Audible Information Security team is looking for a Security Engineer to join our world class team. We are obsessed with protecting customer trust. We are a hands-on team working to protect our computer networks, servers, and applications. You will get the opportunity to work on the biggest and the fastest e-commerce platform in existence, Mobile Apps and the cloud infrastructure. You will work in the trenches with other Security Engineers, Application Developers and System Engineers to protect our customers and Audible’s business.

· Preserve Audible and Amazon customer trust
· Take a leadership role in driving internal security and privacy initiatives
· Provide guidance on secure design and conduct security reviews to critical Audible applications and services
· Perform 3P security assessment and reviews
· Provide guidance on security solutions to protect applications, systems, and networks
· Provide guidance on risk, compliance, and policy to leadership
· Respond to security violations, vulnerabilities, and incident detections
· Evangelize security within Audible by contributing to Security Education Training and Awareness campaigns


· BS in Engineering or Computer Science
· 5+ years of application security experience
· Certifications in CCCP, CISSP, or GSEC
· Experience with Incident Response
· Governance, Risk, and Compliance experience


· Great interpersonal and communications skills and the ability to liaison for both technical and non-technical audiences
· Experience with AWS w/ concentration on AWS Security Services (IAM, VPC/NACLS/SG, GuardDuty, Inspector, KMS, WAF & Shield, and AWS Well-Architected best practices
· Experience with Web Application Architecture Security Review, Threat Modeling, Static Code Review, Penetration Testing, and Incident Response Planning
· Experience with third party risk analysis and management
· Current knowledge around web and mobile application vulnerabilities, attacks, and mitigation methods
· Strong understanding of information security principles and core technologies (CIA, encryption, identity, authN/authZ, SSO, Networking, web protocols, and privacy)
· Strong understanding of web and mobile application security best practices and secure architecture patterns
· Experience with Mobile Security Review and Testing (iOS or Android)
· Experience with security testing tools: BurpSuite, ZAP, AppScan, SQLMap, Wireshark/TCPdump, Metasploit, Security Monkey, Curl, etc.
· Proficient in one programming language – Java preferred
· Proficient in scripting language(s)

Help us maintain the quality of jobs posted on PowerToFly. Let us know if this job is closed.
We're a community of women leveraging our connections into top companies to help underrepresented women get the roles they've always deserved. Simultaneously, we work to build truly inclusive hiring processes and environments where women can thrive and not just survive.
Are you hiring? Join our platform for diversifiying your team