Job Description
Amazon is seeking a qualified Security Engineer to join our innovative Information Security team. As a key member of the Amazon Security Incident Response Team (SIRT), you will work on responding to security events, analyzing threats, and providing security services to safeguard highly sensitive data.
Main Responsibilities
* Responding to security incidents and coordinating a cohesive response involving multiple teams across Amazon.
* Providing security engineering solutions and support during customer-facing incidents, proactively considering prevention measures.
* Assisting in developing pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
* Identifying and recommending solutions to improve or expand Amazon's incident response capabilities.
* Working with and mentoring Information Security engineers to improve security, reduce risk, and address emerging issues.
* Evaluating the impact of current security trends, advisories, publications, and academic research on Amazon, coordinating response as necessary across affected teams.
* Staying up-to-date with the rapidly changing threat landscape and adapting skills accordingly.
* Participating in a follow-the-sun on-call rotation.
About the Team
Our diverse team values unique experiences and encourages candidates from various backgrounds to apply, even if they don't meet all qualifications and skills listed in the job description.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization creates and maintains a high bar for security across all products and services, offering talented security professionals opportunities to build experience in various areas.
Work/Life Balance
We value work-life harmony, believing that achieving success at work shouldn't come at the expense of personal sacrifices. Flexible work hours and arrangements are part of our culture.
Inclusive Team Culture
Addressing the toughest security challenges requires diversity of ideas, perspectives, and voices. Ongoing DEI events and learning experiences inspire us to continue learning and embracing our uniqueness.
Training and Career Growth
We're continuously raising our performance bar, striving to become Earth's Best Employer. Knowledge-sharing, training, and other career-advancing resources help you develop into a better-rounded professional.
Requirements
* BS in Computer Science or Information Security with 5+ years of experience in incident response.
* Experience with common security monitoring, log analysis, and forensic tools.
* Proficiency in one or more scripting languages (e.g., Python, Perl, Bash, PowerShell, etc.).
* Able to perform DFIR and provide incident command at all stages (identification, containment, eradication, recovery, etc.) while coordinating with various teams and providing reporting to leadership.
* Technical depth in one or more specialties, including application security, infrastructure security, digital forensics, malware analysis, threat hunting, or some combination thereof.
* Relevant industry certifications from SANS, ISC2, etc.
* Experience working as part of a Computer Security Incident Response Team (CSIRT).
* Familiarity/experience with AWS services and security concepts.