Physical Retails Stores (PRS) Security Engineering (PRS-SecEng) team is responsible for ensuring all applications running in PRS meet Amazon security bar. Our scope includes all applications (Software, Hardware, 3rd Party) running in Wholes Food Market, Amazon Go, Fresh and Styles stores. We engage with developers at concept stage, provide them with security requirements, suggest best security solutions for various use cases, ensure applications will generate correct logs for detection and incident response use cases. We, then, review the final solution, understand architecture, create threat models, perform automated and manual code reviews and perform security testing. Our solutions can be categorized as web and mobile applications, embedded and IOT solutions and various 3rd party HW and SW solutions.Innovation is part of our DNA! We need people who want to join an ambitious program that continues to push the state of the art in computer vision, machine learning, distributed systems and hardware design.The Role: Everyone on the team needs to be entrepreneurial, wear many hats and work in a highly collaborative environment that's more startup than a big company. We will need to tackle problems that span a variety of domains: real-time, distributed systems, machine learning, image recognition, and computer vision. As a Senior Security Engineer, you will help ensure our devices, applications, services, and systems are designed and implemented to the highest standards and resilient to the modern threats. If you enjoy analyzing the security of systems that span from hardware to cloud services, discovering and addressing security issues and quickly reacting to new threat scenarios, this position will provide you with a challenging opportunity. You will lead in security audits, risk analysis, vulnerability testing and security reviews across all elements of this project's software systems.You will tackle challenging, novel situations every day and, given the size of this initiative, you will have the opportunity to work with multiple technical teams at Amazon in different locations. You should be comfortable with a high degree of ambiguity and relish the idea of solving problems that haven't been solved at scale before. Along the way, we guarantee that you will learn a ton, have fun and make a positive impact on millions of people.Key job responsibilities1. Security Consults2. Architecture Review3. Threat Model4. Automated Code Review5. Manual Code Review6. Incident Response Plan Review7. Security Testing8. Risk documentation and remediation verificationWe are open to hiring candidates to work out of one of the following locations:Arlington, VA, USA | Atlanta, GA, USA | Austin, TX, USA | Jersey City, NJ, USA | Mono Hot Springs, CA, USA | San Franscisco, CA, USA | San Jose, CA, USA | Santa Clara, CA, USA | Seattle, WA, USA | Sunnyvale, CA, USA- Bachelor's degree in Computer Science or related field or equivalent experience- 5+ years of Application Security engineering experience- 5+ years of experience in vulnerability testing and auditing-Strong knowledge of authorization, authentication and encryption protocols and use cases- Experience working with development team(s) that have delivered commercial software or software-based services- Knowledge of threat modeling or other risk identification techniques- Knowledge of system security vulnerabilities and remediation techniques- Familiarity with common attack patterns and exploitation techniques (OWASP)- Development experience in Java, C++ or C- Scripting skills (e.g., Perl, Python shell scripting)- Knowledge of network and related web protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)- Master's or Ph.D. in Computer Science or related field.- Experience with Security Engineering and Assurance methodologies e.g. fuzzing, static and dynam