Internal Threat Detection, Manager | Security Engineer, Internal Threat Reduction

Job summary
Are you an experienced insider risk people leader who excels leading teams tasked with designing detections and modeling internal threats? Amazon is seeking a manager to join our internal threat reduction team. Join the team responsible for providing developing and executing insider threat capabilities for Amazon. The team’s mission is to reduce to risk insiders can pose to Amazon, and the primary responsibility of this role will be to lead a team of security engineers who design innovative insider threat detections and alerting.

The role provides the opportunity to partner with business teams, data scientists, security engineers, and insider risk specialists to translate insider threat use cases into technical monitoring, detection, and alerting mechanisms. At Amazon, we build tools to match the scale of Amazons environment, pushing the limitations of existing tooling and evolving beyond those limitations. As part of this team, you will join an agile and cross-functional team that rapidly researches and designs new ways for Amazon to protect its customers.

The successful candidate is an established security leader with experience in designing insider threat detections, security content development, and managing teams to produce high-quality deliverables on time. They are able to analyze log sources from a variety of applications and systems to identify the appropriate inputs and models for detecting potential insider threats. This candidate enjoys coaching their team on best practices, while continually pursuing opportunities to improve their own technical skillets. They enjoy working alongside their technical and non-technical teammates.

This candidate is an effective and proactive communicator, who obsesses over their customer’s needs. They are drawn to complex and ambiguous problems and skilled at distilling those into simple and actionable solutions for their customers. This candidate is a team player who embodies Amazon’s leadership principles, with an emphasis on Invent & Simplify, Customer Obsession, and Delivering Results.


Key job responsibilities
* Guiding engineers to analyze applications and systems to identify relevant data sources for insider threat detections
* Developing a framework for mapping functional insider threat use cases to specific data elements in logs
* Leading the design of insider threat detection blueprints to produce high-fidelity alerting
* Building a deep awareness of existing data sources that can be integrated into detection designs to improve fidelity
* Guiding cross-functional design sessions with business and security teams across Amazon
* Communicating effectively with business, technical, and non-technical partners
* Developing trends and insights based upon data to drive continual improvements

Basic Qualifications

* 5 years of demonstrated experience in areas such as internal threat (aka insider threat), digital forensics, or internal investigations
* 3 years of demonstrated experience in security content development, log source analysis, threat modeling or related fields
* 2 years of demonstrated experience leading technical teams
* Degree in related field with a strong technical background (additional years of experience may be considered in lieu of degrees
* Ability to work with a high degree of autonomy in a global environment
* Excellent written and verbal communication skills to communicate security and business risk to a broad range of technical and non-technical audiences
* Scripting skills (e.g., Perl, Python, Bash, PowerShell )

Preferred Qualifications

* Experience with the Software Development Lifecycle
*Experience leading insider threat response or investigations team(s)
* Experience with AWS cloud solutions
* Experience in Data Sciences, Machine Learning, or Artificial Intelligence is a plus
* Experience designing and building for User and Entity Behavioral Analytics (UEBA) or User Activity Monitoring (UAM) solutions


Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.