Security Incident Response Engineer, Digital Forensic Examiner AWS

Herndon, Virginia, USA

Applications have closed

Posted 7 months ago

The Amazon Web Services team is looking for a Security Incident Response Engineer who possesses a comprehensive understanding of computers and networks with a specialization in digital forensics. The successful candidate will have a firm grasp of digital forensics, incident response, and cloud computing, and a desire to leverage and build cloud capabilities to further digital forensic capabilities. The candidate must also demonstrate strong investigative skills and the ability to gather and analyze digital information from a variety of digital devices and associated media.

The candidate will take on a leadership role in responding to security issues and provide innovative methods in solving these issues using digital forensics across the largest cloud provider in the world. The right candidate must thrive in high-pressure situations, think like both an attacker and defender, and drive engineering teams to take the right actions in the right time frames to mitigate risks.

We are looking for an individual who can balance technical risks against business risks and consistently drive for the right results. They must have the passion for engineering solutions to complex security challenges, and recognize and fill gaps in capabilities. The ability to quickly design and build internal-facing tools that enable scaled programmatic automation is core to our organization.

The successful candidate will have a good mix of deep technical knowledge and a demonstrated background in digital forensics and information security. We value broad and deep technical knowledge, not only in digital forensics but additionally in the fields of incident response, malware analysis, operating system security, network security, cryptography, software security, security operations, and emergent security intelligence.

Basic Qualifications

· BS degree in Computer Science, Computer Engineering, Digital Forensics or a related field, or 5+ years’ equivalent technology experience.
· 3 years of experience in digital forensic analysis
· 5+ years of demonstrated experience with a focus in areas such as systems, network, and/or application security.
· 3+ years of experience on an Operations team, coordinating responses to security or other similar incidents requiring investigations.
· 2+ years of scripting/coding experience with one or more languages.

Preferred Qualifications

An ideal candidate should be able to accomplish most of the following:

· Five or more years of experience in digital forensic analysis with significant expertise using multiple standard and open source forensic applications.
· Experience in remote and physical device imaging
· Confidently and intelligently respond to security incidents, and programmatically prevent the same type of incidents from occurring in the future.
· Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
· Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale.
· Evaluate the impact to the organization of current security trends, advisories, publications, and academic research. Coordinate responses as necessary across affected teams to do the right thing for our customers and our organization.
· Ability to communicate effectively at multiple levels of sensitivity and with multiple audiences.
· Recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence.
· Have a passion to learn and thrive in a dynamic and constantly changing environment.
· Help identify, take ownership of, and drive improvements across the team.
· Fulfill regular on-call responsibilities.
· 7+ years’ equivalent information security experience.
· Extensive knowledge of Internet security issues, cloud architectures, and threat landscape.
· Experience with virtualization technologies, especially with AWS services.
· Relevant industry certifications from SANS, ISC2, etc.
· Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
· Strong demonstrated knowledge of web protocols, common attacks, and an in-depth knowledge of Linux/Unix tools and architecture.
· Ability to prioritize multiple tasks and projects in a dynamic environment.
· Effective written and oral communication with multiple levels of leadership involving both business and technical sides of the business.
· Programming experience in Python, Ruby, Java, or Go.
· Meets/exceeds Amazon’s leadership principles requirements for this role
· Meets/exceeds Amazon’s functional/technical depth and complexity for this role

Amazon is an Equal Opportunity Employer – Minority / Women / Disability / Veteran / Gender Identity / Sexual Orientation / Age

Job tags: Architecture Automation AWS Cryptography Forensics Go Incident response Java Linux Malware Network security Open Source Python Ruby SANS Unix
Job region(s): North America