Amazon Lab126 is an inventive research and development company that designs and engineers high-profile consumer electronics. Lab126 began in 2004 as a subsidiary of Amazon.com, Inc., originally creating the best-selling Kindle family of products. Since then, we have produced groundbreaking devices like Fire tablets, Fire TV, Dash Button, Amazon Echo and Alexa. What will you help us create?
Amazon Lab126 is looking for a Senior Software Engineer with a passion for OS and Device Security. This engineer will be responsible for managing Android Security Bulletins (ASB)s distributed by Google within Fire OS and porting them as needed to ensure that all Fire OS devices are up-to-date. The engineer will also be responsible for keeping up-to-date with current known vulnerabilities, pro-actively assessing Fire OS and AOSP code within Fire OS for vulnerabilities, creating patches and driving processes for delivery of patches within Fire OS. The role includes assessment of development practices within the Fire OS organization and development of best practices, documentation and tools for Fire OS developers to ensure that proprietary, confidential or sensitive information is not leaked or discoverable on Fire OS devices. The role also includes risk analysis, vulnerability testing and development of tools and processes that will ensure that Fire OS devices are designed and implemented to the highest standards thus maintaining and enhancing customer trust. This is a challenging role with significant opportunity for someone passionate about device security to have a big impact within the Fire OS organization.
In this role, you will:
- Port Android Security Bulletins to Fire OS devices
- Identify security issues and risks, develop mitigations, and implement security patches
- Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles
- Develop and deliver training materials and perform general security awareness and specific security technology training
- Evaluate and recommend new and emerging security products and technologies
- Participate in incident handling
- Participate in projects that develop new intellectual property
- Help define security related strategies