Security Engineer II, Threat Hunting, Security Incident Response Team (SIRT)
About The Position
Amazon’s Threat Hunting team is looking for a Security Engineer, Threat Hunting who is excited by the idea of searching for and uncovering undetected threat activities at petabyte scale. In this role, you will work alongside other Threat Hunting engineers to proactively identify and eliminate threats wherever they may exist. Our Threat Hunting team hunts for adversarial activity using a variety of tools, methods, intelligence, and techniques. They work hands-on with security logs and are encouraged to be creative and develop innovative techniques to illuminate threat activities. With your technical expertise, you will be solving security challenges at scale and working to protect applications powering the most sophisticated e-Commerce platform ever built. If you are someone who enjoys researching threats, diving deep into large datasets, and building innovative capabilities to solve everyday problems, we’d like to meet you. Your work will be essential to maintaining customer trust and delivering a delightful experience for our customers.
Requirements
- Bachelor's degree, or CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+
- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- 2+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
Nice To Haves
- Experience with AWS products and services
- Experience with programming languages such as Python, Java, C++
Responsibilities
- Query and collate machine data to search for evidence of potentially damaging threat activities which pose a risk to Amazon customers and data.
- Work alongside incident responders and support the investigation of ongoing security issues.
- Reconstruct security events from log data and develop innovative approaches to identify threat actor tactics, techniques, and procedures (TTPs).
- Build custom security solutions and mechanisms to identify threats and enable threat hunting operations at petabyte scale.
- Participate in an on-call rotation and provide ad hoc support to customers during non-business hours.
- Query, collate, and analyze machine-generated data for indications of digital threat activities.
- Develop database searches to extract security artifacts and threat signals from large and diverse datasets.
- Work alongside other engineers to improve security and reduce operating risk for our customers.
- Monitor cybersecurity media, blog posts, and other sources to maintain awareness of the threat landscape.
- Assist in designing and developing innovative capabilities to identify cyber threat activities at scale.
- Work individually and/or as a team on high priority security issues.
Benefits
- health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
- 401(k) matching
- paid time off
- parental leave
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
