Security Engineer I, Security Incident Response Team (SIRT)
Description
At Amazon, we are seeking qualified Security Engineers to join our innovative and dynamic Information Security team. As a member of the Amazon Security Incident Response Team (SIRT), you will work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to Amazon systems. Your technical expertise will be utilized to solve security challenges at scale, working to protect the applications powering the most sophisticated e-commerce platform ever built.
We value broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.
Key Responsibilities:
* Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon.
* Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future.
* Assisting in the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
* Identifying and recommending solutions that improve or expand Amazon's incident response capabilities.
* Working alongside and mentoring Information Security engineers to improve security and to reduce and quickly address risk.
* Evaluating the impact of current security trends, advisories, publications, and academic research on Amazon, coordinating response as necessary across affected teams.
* Keeping your knowledge and skills current with the rapidly changing threat landscape.
* Participating in a follow-the-sun on-call rotation.
Basic Qualifications:
* BS in Computer Science, Information Security, or equivalent professional experience
* 1-3 years of demonstrated experience in areas such as incident response, systems security, network security, and/or application security
* Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences
* Proficiency in at least one programming language (e.g., Python, Go, PowerShell, Shell scripting, Perl, Ruby, Java, C++, C)
* Technical depth in two or more specialties including: digital forensics, malware analysis, network security, application security, security intelligence, and security operations
* Understanding of security vulnerabilities, attacker exploit techniques, and their remediation methodologies
* The capacity and tolerance for context switching and interruptions
* Ability to work with a high degree of autonomy
* Ability to handle a high degree of ambiguity
* Ability to work in a diverse team
Preferred Qualifications:
* Experience triaging and developing security alerts and response automation, conducting front-line analysis, and providing escalation support.
* 3+ years of information security experience.
* Relevant industry certifications from SANS, ISC2, etc.
* Strong demonstrated knowledge of Unix tools and architecture.
* Experience working as part of a Computer Security Incident Response Team (CSIRT)
* Familiarity/experience with AWS services and security concepts.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.