Amazon · 15 hours ago
Pentest Security Engineer II, Specialized Pentest Team, Devices & Services
Austin, Texas, USA
Full-time
Onsite
Mid, Senior Level
$159K/yr - $202K/yr
3+ years expAmazon is seeking a Pentest Security Engineer II to join their Specialized Pentest Team within the Devices & Services organization. The role involves conducting penetration tests, identifying vulnerabilities, and providing actionable guidance to enhance security across Amazon's services and products.
Artificial Intelligence (AI)DeliveryE-CommerceFoundational AIRetail
Responsibilities
Lead and contribute to penetration tests against services and software released by Amazon’s Devices & Services organization. This includes working closely with builder teams to scope pentests, develop test plans, find vulnerabilities, develop proof of concept exploits, report findings, and validate patches
Analyze and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques
Review and influence technical solutions to mitigate security vulnerabilities by providing actionable long-term risk mitigation guidance to drive security improvements
Lead impactful security improvements in large product lines through close collaboration with our partner builder teams
Develop detailed technical documentation describing identified vulnerabilities, associated impact, and recommended remediation to guide communication with internal engineering stakeholders and leadership
Mentor junior penetration testers and cultivate a culture of collaboration and research sharing
Qualification
Required
Bachelor's degree
3+ years of experience identifying, exploiting, and recommending solutions to remediate web application and service API vulnerabilities (e.g. mass assignment, broken object/function level authorization, JWT/OAuth, injection, business logic flaws, excessive data exposure, etc.)
Experience tracing sources and sinks during code review to identify vulnerabilities, and providing contextual remediation guidance to address vulnerability root cause
Experience designing and reviewing secure system architectures through the use of Threat Modeling incorporating sophisticated and modern attacks
Knowledge of cloud service providers and their offerings, preferably AWS, and its various technologies and services
Preferred
Foundational knowledge of hardware security fundamentals
Experience in CTF competitions, CVE research, and/or Bug Bounty recognition
Experience with applying and assessing Machine Learning technologies
Published security research (e.g. conference presentations, whitepapers, blog posts)
Benefits
Health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
401(k) matching
Paid time off
Parental leave
Company
Amazon
Amazon is a tech firm with a focus on e-commerce, cloud computing, digital streaming, and artificial intelligence.
10001+ employees
H1B Sponsorship
Amazon has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (22803)
2024 (21175)
2023 (19057)
2022 (24088)
2021 (12233)
2020 (14881)
Funding
Current Stage
Public CompanyTotal Funding
$8.11BKey Investors
AmazonKleiner Perkins
2023-01-03Post Ipo Debt· $8B
2001-07-24Post Ipo Equity· $100M
1997-05-15IPO
Leadership Team
Douglas J. Herrington
CEO, Worldwide Amazon Stores
Werner Vogels
VP & CTO
Recent News
2026-02-09
The Motley Fool
2026-02-09
Company data provided by crunchbase