Security Engineer, Enterprise Protection Program

Amazon•Herndon, VA

1d•Onsite

About The Position

Join Amazon's elite Security organization as a Security Engineer within our Enterprise Protection Program, where you'll play a crucial role in safeguarding our company against insider risks. As part of the Enterprise Protection Program, you will be at the forefront of evaluating, investigating, and mitigating active insider risks daily, while designing and implementing sophisticated detections and innovative tooling solutions. We are looking for someone who is passionate about "diving deep" and enjoys building creative solutions to complex security challenges. In this role, you will also collaborate closely with legal and engineering teams to develop preventative security measures and architect enterprise-scale tools for rapid investigation and proactive threat detection. The ideal candidate demonstrates exceptional analytical skills, thrives in both independent and collaborative work environments, and excels at cross-functional partnership. You will have the opportunity to shape the future of enterprise security solutions while working alongside industry-leading professionals. This position involves on-call responsibilities, typically for one week every six months.

Requirements

3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
2+ years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship) experience
Bachelor's degree in computer science or equivalent
2+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
Knowledge of networking protocols such as HTTP, DNS and TCP/IP
Knowledge of industry-based security vulnerabilities and remediation techniques

Nice To Haves

2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
Experience with AWS products and services
Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing

Responsibilities

Perform deep dive analysis of internal and external datasets to identify trends, anomalies, and activities indicative of insider risks;
Collaborate with engineering teams to translate use cases into technical requirements, as well as develop, implement, and refine scalable security solutions to identify and mitigate insider risk;
Assist with identifying and driving opportunities to automate and optimize insider risk analytics, tooling, and processes;
Contribute to promoting security best practices for identifying and mitigating insider risk by fostering opportunities to collaborate with other EPP and Amazon Security teams, as well as external industry partners, and;
Provide guidance to peers, managers, and senior leaders on technical direction and improvement opportunities for insider risk analytics, tooling, and processes.

Benefits

health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
401(k) matching
paid time off
parental leave
sign-on payments
restricted stock units (RSUs)

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume