About The Position

Amazon is seeking an innovative Senior Security Engineer to join the Amazon Cyber Threat Intelligence (ACTI) team as a Cyber Threat Exploitation Engineer, where you will leverage your in-depth knowledge and analysis of emergent exploits, exploit frameworks, and vulnerabilities to identify novel threat actors and discover attacks against Amazon, AWS, and its customers. ACTI is responsible for identifying, curating, and reporting timely, accurate, and actionable threat intelligence. ACTI delivers cyber threat intelligence to Amazon and AWS leadership, service teams, partners, and both internal and external customers. In the Cyber Threat Exploitation Engineer role you will formulate new analytic techniques and work across teams to drive the supporting capabilities. A deep understanding of advanced actor tactics, techniques, and procedures (TTPs) is required, as well as how those TTPs will present themselves in network-based and host-based logs derived from software, operating systems, networks, cloud infrastructure, networking equipment, and web applications. In addition, you will script and help automate recurring tasks to improve the overall effectiveness of the intelligence and how it is utilized throughout Amazon and AWS. Beyond direct technical work on exploits, vulnerability research, and threat intelligence, the Cyber Threat Exploitation Engineer will steer strategic direction in the secure design of AWS services, drive tactical results from red and blue team engagements, coordinate takedowns of malicious infrastructure, and drive effective technical countermeasures.

Requirements

  • BS degree in computer science, computer engineering, or related field, or 5+ years of technical work experience
  • 5+ years of industry-based (non-internship) experience in security vulnerability identification, attack patterns, and remediation techniques
  • 5+ years of any combination of the following: application security frameworks, identity and access controls, incident response, mobile security, cloud computing and security, AI security, threat intelligence, and penetration testing experience
  • 5+ years of automation scripting experience using Python, Bash, Shell, and/or Perl
  • 5+ years of SQL experience
  • Knowledge of and experience with cloud infrastructure technologies

Nice To Haves

  • Master's degree in computer science, computer engineering, or related field, or MS degree
  • 5+ years of experience in threat intelligence research and analysis related to software exploits and the creation of corresponding detections and/or countermeasures
  • Experience with malware analysis, network flow analysis, and large scale data analysis
  • Experience with firmware reverse engineering and analysis of ARM, MIPS, and x86-64 binaries
  • Experience fuzzing software for correctness and triaging crashes, and with web application enumeration and attack surface analysis
  • Strong understanding of Windows, Linux, and/or OS X internals, web, and common software vulnerabilities, including a functional understanding of stack and heap exploitation along with general web application exploitation (SQLi, XSS, command injection, authentication bypass)

Responsibilities

  • Identify, research, and analyze novel vulnerabilities discovered in threat intelligence data, applications, devices, and networks
  • Interface with ACTI reverse engineers to provide reversing requirements as well as be able to independently triage malware, analyze exploit samples, and study attack techniques to understand how vulnerabilities are being weaponized
  • Pursue actionable intelligence on current exploits, perform deep dive analysis of malicious artifacts related to software exploits, and use that data to identify attacks against Amazon, AWS, and its customers
  • Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities
  • Create security techniques and automation for internal use that enable the team to operate at high speed and broad scale
  • Provide situational awareness on the current threat landscape and the techniques, tactics, and procedures associated with specific threats
  • Accurately document ongoing investigations, craft consumable threat intelligence products, and clearly present and communicate emerging threats and high-risk vulnerabilities in operating systems and software libraries, cloud, network devices, and web applications to key stakeholders
  • Periodic on-call responsibilities

Benefits

  • equity
  • sign-on payments
  • medical
  • financial