Job description
- BS degree in Computer Science, Computer Engineering, Electrical Engineering, or 3+ years’ equivalent technology experience.
- 3 years or more of demonstrated experience with a focus in areas such as systems, network, and/or application security.
- Good understanding of fundamental technologies, including at least one major OS, networking, web technology, and general security principles (cryptography, IR, forensics, etc.).
We are looking for an individual who can balance technical risks against business risks and consistently drive for the right results. They must have the passion for engineering novel solutions to complex security challenges, and recognize and fill gaps in capabilities. The ability to quickly design and build internal-facing tools that enable scaled programmatic automation is a plus.
The successful candidate will have a good mix of deep technical knowledge and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of cryptography, network security, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence.
An ideal candidate should be able to accomplish most of the following:
- Confidently and intelligently respond to security incidents, and proactively consider how to prevent the same type of incidents from occurring in the future.
- Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
- Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale.
- Evaluate the impact to the organization of current security trends, advisories, publications, and academic research. Coordinate responses as necessary across affected teams to do the right thing for our customers and our organization.
- Ability to communicate effectively at multiple levels of sensitivity, and multiple audiences.
- Recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence.
- Provide subject matter expertise on architecture, authentication and system security.
- Fulfill regular on-call responsibilities.
Key job responsibilities
An ideal candidate should be able to accomplish most of the following:
- Triage/assess security issues and engage with internal service teams to ensure timely remediation of issues, escalating internally as necessary to ensure appropriate levels of urgency and engagement.
- Participate in efforts to promote security throughout the Company and build good working relationships within the team and with others across Amazon.
- Demonstrate high capacity and tolerance for extreme context switching and interruptions while remaining productive and effective.
- Develop pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
- Mentoring of junior staff and proactively share knowledge sharing within the team and across the company.
- Assist with hiring new employees
- Fulfil regular on-call responsibilities.
A day in the life
Amazon Security Cloud Response is responsible for the security of Cloud services. Our primary focus is to ensure the security of the cloud by working with service teams, vendors, and other stakeholders (both internal and external) to solve security challenges at massive scale, from incident response to emergent patching to helping publish guidance for customer impacting issues. We also work to develop tools and systems, and implement changes to drive automation, scalability and continuous improvements for our organization and Amazon Security as a whole.
About the team
Here at Amazon, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
- Prior experience on a Security Operations team, especially experience coordinating responses to security incidents.
- 5+ years’ equivalent information security experience.
- 3+ years experience with internet security issues, cloud architectures, and threat landscape.
- Experience with virtualization technologies, especially with AWS services.
- Relevant industry certifications from SANS, ISC2, etc.
- Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
- Strong demonstrated knowledge of web protocols, common attacks, and an in-depth knowledge of Linux/Unix tools and architecture.
- Ability to prioritize multiple tasks and projects in a dynamic environment.
- Effective written and oral communication with multiple levels of leadership involving both business and technical sides of the business.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need an adjustment during the application and hiring process, including support for the interview or onboarding process, please contact the Applicant-Candidate Accommodation Team (ACAT), Monday through Friday from 7:00 am GMT - 4:00 pm GMT. If calling directly from the United Kingdom, please dial +44 800 086 9884 (tel:+448000869884). If calling from Ireland, please dial +353 1800 851 489 (tel:+3531800851489).