Security Engineer, Threat Intelligence, Payments Security, Security Intelligence

Job summary
We are looking for high-speed threat intelligence analysts/engineers to join our security intelligence team. Our mission: We are explorers identifying threats to our payment systems. You will work as an integral part of the team bridging the gaps between our red and blue team, providing timely, relevant and insightful intelligence to help us understand our threat landscape.

Amazon Payments processes millions of transactions every day across numerous countries and payment methods. Paramount to our success is ensuring that our customer data is secure.

Key job responsibilities
Lead and guide intelligence processes and business functions for the security intelligence team

Identify key talent and foster relationships that advance security intel initiatives

Develop and execute Priority Intelligence Requirements that drive security intelligence prioritization and focus on business outcomes

Guide intelligence research, build customer build threat actor profiles, and collaborate on related tooling that helps us to identify pertinent threat actors.

Author, edit and disseminate operational and strategic reporting for stakeholders

Collect, analyze, and author threat intelligence reports covering new threats, vulnerabilities and malware.

Provide situational awareness on the current threat landscape and the TTPs associated with specific threats to our business, including ongoing malware campaigns.

Demonstrate practical knowledge managing threat data and creating intelligence assessments in support of our red team, detections & threat hunting missions

Collect data from intelligence communities, threat intelligence platforms, open source data repositories, and other sources to analyze TTPs, geopolitical events and anomalies

Enrich and contextualize technical analysis supported by industry accepted threat intelligence analytical frameworks, tools, and standards.

Lead the distribution of timely, relevant, and proactive analysis across Amazon and subsidiaries.

Basic Qualifications

· BS in computer science, networking, information systems, computer engineering, or 5+ years’ equivalent experience,
· Minimum of 5 years experience in researching, detecting and responding to security threats
· Minimum of 5 years experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services such as SIEM
· Minimum of 5 years scripting or programming experience in Ruby, Python, Shell/BASH
scripting, Java, C/C++, C*, Perl, or other languages

*Minimum of 5 years experience in at least two of the following areas: incident response, security operations, threat intelligence, detections.

Preferred Qualifications

Advanced degree within intelligence or computer science or additional relevant experience

Familiarity with and/or Standing relationships with global associations relevant to the position

Certifications (any security certification like but not exclusive to the following): CEH, OSCP, GREM, GCTI, or GCIH

Scripting/programming experience, e.g., Python, C, C++, Java, Ruby, and/or PowerShell

Experience with SQL or other query languages, e.g., SQL, SparkQL, GraphQL



Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.