Security Engineer I, Threat Hunting, Security Incident Response Team (SIRT)
About The Position
Amazon's Threat Hunting team is looking for a Security Engineer, Threat Hunting who is excited by the idea of searching for and uncovering undetected threat activities at petabyte scale. In this role, you will work alongside other Threat Hunting engineers to proactively identify and eliminate threats wherever they may exist. Our Threat Hunting team searches for adversarial activity using a variety of tools, methods, intelligence, and techniques. They work hands-on with security logs and are encouraged to be creative and develop innovative techniques to illuminate threat activities. With your technical expertise, you will be solving security challenges at scale and working to protect applications powering the most sophisticated e-Commerce platform ever built. If you are someone who enjoys researching threats, diving deep into large datasets, and building innovative capabilities to solve everyday problems, we'd like to meet you. Your work will be essential to maintaining customer trust and delivering a delightful experience for our customers. Export Control Requirement: Due to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.
Requirements
- Experience working as part of a computer Security Incident Response Team (CSIRT) or Product Security Incident Response Team (PSIRT)
- Experience triaging and developing security alerts and response automation, conducting front-line analysis, and providing escalation support
- Experience with common security monitoring, log analysis and forensic tools
- 1+ years professional (non-internship) experience within a relevant field
Nice To Haves
- Experience with AWS Services including EC2, Lambda, S3, DynamoDB, SQS
- Experience with at least one modern language such as Java, Python, C++, or C# including object-oriented design
- 2+ years experience working as part of a computer Security Incident Response Team (CSIRT) or Product Security Incident Response Team (PSIRT)
Responsibilities
- You will query and evaluate machine data for evidence of potentially damaging threat activities which pose a risk to Amazon customers and data.
- You will reconstruct security events using log data and identify opportunities to increase the fidelity of existing threat signals.
- You will conduct threat research and develop innovative approaches to identify threat actor tactics, techniques, and procedures (TTPs).
- You will provide ad hoc support to incident response partners and participate in validating the scope of ongoing security investigations.
- You will participate in an on-call rotation and provide ad hoc support to customers during non-business hours.
Benefits
- Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
Industry
General Merchandise Retailers
Education Level
No Education Listed
Number of Employees
5,001-10,000 employees
