Security Manager, AWS Infrastructure Incident Response (Level 6), AWS Infrastructure Security Operations
Minneapolis, Minnesota, USA
Amazon.com
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...At Amazon Web Services (AWS), we provide world-class, flexible, scalable, and secure cloud services to the world’s fastest growing startups, the largest enterprises, and leading government agencies. We do this by building, maintaining, and securing one of the largest, most complex infrastructures in the world. Within AWS, the Infrastructure Security – Threat, Vulnerability, and Operations (InfraSec-TVO) organization is comprised of multiple teams responsible for threat and vulnerability management, software security, and security operations across the global AWS infrastructure.
Key job responsibilities
Within TVO, the AWS InfraSec Security Operations (Ops) team is seeking a Security Manager with deep expertise in Digital Forensics and Incident Response or Security Operations to join us in building and maturing our incident response operations. In this role, you will be responsible for leading a team of security engineers that are dedicated to responding to security incidents impacting the AWS infrastructure. You will be the subject matter expert for the team and be able to effectively lead and coordinate complex security investigations. Additional responsibilities will include maintaining the InfraSec incident response plan, partnership with other AWS teams, and driving after action policy and governance changes. You will use your expertise to partner with our Threat Intelligence and Detection Engineering teams to drive continuous improvement and creation of new capabilities for InfraSec-Ops. Finally, you will work with other Infrastructure Security leaders to improve processes and tooling for not only incident response, but also security information and event management (SIEM), detection engineering, threat and vulnerability management, and application security.
About the team
AWS leads and innovates. We don’t just buy off-the-shelf software or follow others. We research and pursue the best approach for the business, whether that’s building new solutions or leveraging existing ones. AWS, and Infrastructure Security in particular, operate at massive scale and as a result, demand the highest standards, passion, and discipline for information security and software engineering. A high level of ownership and accountability is a must for this role.
Basic Qualifications
- Bachelor’s Degree in Computer Science, Information Security, Information Technology, or equivalent work experience
- Minimum of five (5) years of experience in threat intelligence, vulnerability management, or other related discipline
- Minimum of two (2) years of engineering or people leadership experience
Preferred Qualifications
- Over five (5) years of experience as a leader in incident response, security operations, security information and event management (SIEM), or other related disciplines
- Experience leading incident response activities in a large, globally distributed organization
- Experience as a member of a 24x7 on-call rotation
- Experience with common SIEM tools such as Splunk
- A strong understanding of core internet and networking technologies (routing protocols, network architecture, TCP/IP, etc.)
- Linux systems engineering skills and a solid grasp on operating system fundamentals
- Knowledge of at least one scripting language (Python, Perl, Ruby, etc.)
- Relevant industry certifications (ISC2, ISACA, SANS/GIAC, CompTIA, Microsoft, Linux, AWS)
- Excellent communication and data presentation skills that allow you to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Tags: Application security AWS Cloud CompTIA Computer Science DFIR Forensics GIAC Governance Incident response ISACA Linux Perl Python Ruby SANS Scripting SIEM Splunk TCP/IP Threat intelligence Vulnerability management
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open SaaS-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DoD-related jobs