Cyber Threat Intelligence Analyst
Herndon, Virginia, USA
The Amazon Web Services Threat Intel Group is responsible for developing actionable intelligence on advanced cyber threats to our services and our customers. We collect indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of high grade actors and their tools, techniques, and procedures. We then leverage that understanding to proactively identify and mitigate malicious activity.
The successful candidate will be required to analyze indicators to generate actionable intelligence and insight into current threats. He or she will help enhance our capabilities by formulating new analytic techniques and working across teams to drive the supporting capabilities. A deep understanding of current APT actors and TTPs as well as experience performing question driven analysis is required. Candidates should have a solid understanding of network and host based indicators and how to best leverage them. He or she should be able to script and help automate recurring tasks to improve the overall effectiveness of the team. An understanding of operating systems internals will be an asset.
Key responsibilities include:
· Perform deep dive analysis of malicious artifacts.
· Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.
· Create security techniques and automation for internal use that enable the team to operate at high speed and broad scale.
· Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats.
· Pursue actionable intelligence on current threats as they relate to AWS.
· Periodic on-call responsibilities.
· BS degree in Computer Science, MIS, Computer Engineering, or 5+ years equivalent technology experience.
· 2 years experience with tracking APT groups and other high grade threats.
· 2 years experience in system, network, and/or application security.
· 2 years experience building automated tools in C, C++, Java, Python, Perl, PowerShell, or Ruby.
· 1 year experience with SQL or other query languages.
Preferred QualificationsPreferred qualifications
· MS degree in Computer Science, MIS, Computer Engineering, or 8+ years’ equivalent technology experience.
· 5+ years of experience in Threat Intelligence research and analysis, particularly nation states and APTs.
· Experience with malware analysis tools such as IDAPro, Ollydbg and Windbg.
· Experience with AWS services.
· Excellent written and oral communication skills.
- Meets/exceeds Amazon’s leadership principles requirements for this role
· Meets/exceeds Amazon’s functional/technical depth and complexity for this role
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us
Job region(s): North America
Job stats: 24 3 0
Explore more Information Security career opportunities
- Open Network Security Engineer Jobs
- Open Cyber Security Engineer Jobs
- Open Staff Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open Senior Penetration Tester Jobs
- Open Cybersecurity Analyst Jobs
- Open Chief Information Security Officer Jobs
- Open Threat Intelligence Analyst Jobs
- Open Information Security Officer Jobs
- Open Vulnerability Analyst Jobs
- Open IT Security Engineer Jobs
- Open Software Security Engineer Jobs
- Open Computer Forensic Software Engineer Jobs
- Open Lead Security Engineer Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Personnel Security Officer Jobs
- Open Senior Information Security Engineer Jobs
- Open Senior Information Security Analyst Jobs
- Open Infrastructure Security Engineer Jobs
- Open IAM Engineer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Principal Security Engineer Jobs
- Open DevOps Security Engineer Jobs
- Open Staff Application Security Engineer Jobs
- Open Audits-related jobs
- Open CEH-related jobs
- Open Clearance-related jobs
- Open Open Source-related jobs
- Open PCI-related jobs
- Open Risk management-related jobs
- Open NIST-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open Google-related jobs
- Open OSCP-related jobs
- Open Machine Learning-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open AI-related jobs
- Open IPS-related jobs
- Open Security assessments-related jobs
- Open Threat detection-related jobs
- Open Encryption-related jobs
- Open Docker-related jobs
- Open Unix-related jobs
- Open TCP/IP-related jobs
- Open DNS-related jobs
- Open PowerShell-related jobs