Platform Security Engineer

### Who you are
- Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security
- Experience in Security Engineering or Development of Security capabilities, supporting engineering projects from concept to delivery, and 2 years in two or more of the following technical categories:)
- Experience in Virtualization security (Xen, KVM, QEMU)
- Experience in Hardware security (PCB, JTAG, UART, SPI, ROM, microcode, custom ASIC/FPGA)
- Experience in x86 and/or ARM chipset and firmware security (TPM, UEFI, TrustZone, Secure Boot, JTAG, PCIe)
- Experience performing Security testing of compute platforms (Server, PC or Mobile)
- Master's degree in Computer Science, Information Security, or a related field
- Experience with AWS Services including EC2, Lambda, S3, DynamoDB, SQS
- Knowledge of common security-relevant protocols like SSH, TLS, DNS, DHCP, NTP, or ICMP
- Experience delivering against a large organization's long-term strategy and goals
- Demonstrated understanding of crypto basics (encryption, signing, certificates, common algorithms)
- Experience designing for crypto security (e.g. certificate handling and PKI, attestation, TPM/HSM)
- Expert knowledge of Windows, Linux, and hypervisor security (especially in cloud environments)
- Working with diverse physical tamper resistance and/or tamper detection techniques
- Experience performing Physical security testing at the machine level

### What the job involves
- We are looking for a technically deep Senior Security Engineer to help secure our foundational platforms such as OS kernels, virtualization, device emulation, firmware and hardware
- You will be responsible for conducting security reviews, threat modeling, developing tooling that will help detect security issues at scale and hands-on security evaluations (pen-testing)
- The successful candidate must be comfortable diving into complex engineering discussions, and leveraging deep security expertise to ensure proper risk assessment and threat analysis is performed
- You will provide crystal-clear technical direction and risk mitigation guidance for diverse engineering and business leaders at all levels
- By applying your hard-earned years of practical security engineering expertise in projects related to enterprise networking, hardware-rooted security, operating system hardening, and cloud-scale administrative infrastructure, you will literally shape the future of cloud computing
- You are expected to be strong in multiple domains and provide significant contributions to the IT Security team and to multiple groups throughout AmSec
- Security engineers are expected to develop elegant solutions to complex business problems and apply appropriate technologies while following security engineering best practices
- You are also expected to mentor more junior engineers and be a security thought leader for the organization
- You should foster constructive dialogue and seek resolution when confronted with discordant views
- Engineers in this role are expected to participate fully in the planning of the IT Security team's work and constantly seek opportunities for process improvement
- They should also have a deep understanding of at least one specialty for which they are a sought out resource (both within AmSec and by groups throughout Amazon), while having an understanding of the application of information security in a broad range of technical areas
- You will need a combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include project and software development work
- This role will provide career growth opportunities as you gain new security skills in the course of your duties
- Security reviews for hardware including servers and devices
- Penetration testing & vulnerability research
- Threat modeling
- Security training and outreach to internal development teams
- Security guidance documentation
- Assistance with recruiting activities