Security Engineer II, Threat Detection
About The Position
Amazon Stores Security's Threat Detection team is looking for a highly motivated Security Engineer to join our team. In this role, you will research emerging threats to develop new detection ideas and build high-confidence detections that proactively identify malicious activity across large-scale log data. You will work closely with Incident Response, Threat Hunting, Threat Intelligence, and Red Team to understand threat models and deliver detections that enable rapid response. You will also develop innovative methods utilizing the latest techniques to detect threats at scale. Your expertise will help defend the data of Amazon's millions of customers against the most critical threats.
Requirements
- Knowledge of industry-based security vulnerabilities and remediation techniques
- Experience in scripting, programming, and security code reviewing in a common programming language (non-internship)
- Experience triaging and developing security alerts and response automation, conducting front-line analysis, and providing escalation support
- Knowledge of web protocols, common attacks, and Linux/Unix tools and architecture
- Knowledge of cloud computing concepts and design considerations
Nice To Haves
- Experience with AWS products and services
- Experience implementing security solutions at the cross-team level
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Experience with Machine Learning and Large Language Model fundamentals, including architecture, training/inference lifecycles, and optimization of model execution
Responsibilities
- Identify critical threats targeting Amazon's network by leveraging threat intelligence and security research, then deliver high-fidelity threat detections aligned to attacker tactics, techniques, and procedures (TTPs).
- Enhance detection engineering processes by improving how detections are scoped, prioritized, developed, tested, and maintained throughout their lifecycle.
- Develop platform requirements to enrich alerts with contextual data, reduce false positives, and automate remediation and response actions in coordination with incident response teams.
- Research and develop mechanisms to advance detection capabilities through machine learning, advanced data correlation, risk-based alerting, or generative AI.
- Automate your way through challenges using Python or other scripting languages to build tooling, validate detections, and streamline operational workflows at scale.
Benefits
- health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
- 401(k) matching
- paid time off
- parental leave
- sign-on payments
- restricted stock units (RSUs)
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
