Security Engineer, Security Incident Response Team (SIRT)
Job Responsibilities
* Respond to security incidents and coordinate a cohesive response involving multiple teams across Amazon.
* Provide security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future.
* Assist in the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
* Identify and recommend solutions that improve or expand Amazon's incident response capabilities.
* Work alongside and mentor Information Security engineers to improve security, reduce and quickly address risk.
* Evaluate the impact of current security trends, advisories, publications, and academic research on Amazon, coordinating response as necessary across affected teams.
* Maintain knowledge and skills current with the rapidly changing threat landscape.
* Participate in a follow-the-sun on-call rotation.
BASIC QUALIFICATIONS
* BS in Computer Science, Information Security, or related field with 3+ years of related professional experience, or 5+ years of related professional experience.
* Experience with common security monitoring, log analysis, and forensic tools.
* Proficient in one or more scripting languages (e.g. Python, Perl, Bash, PowerShell).
* Able to perform DFIR and provide incident command at all stages (identification, containment, eradication, recovery) while coordinating with various teams and providing reporting to leadership.
PREFERRED QUALIFICATIONS
* Technical depth in application security, infrastructure security, digital forensics, malware analysis, threat hunting, or some combination thereof.
* Relevant industry certifications from SANS, ISC2, etc.
* Experience working as part of a Computer Security Incident Response Team (CSIRT).
* Familiarity/experience with AWS services and security concepts.