Sr. Security Engineer, Security Operations

US, NY, Virtual Location - New York

Full Time Senior level / Expert
Amazon.com logo
Amazon.com
Apply now Apply later

Posted 1 month ago

Do you have experience as a Cybersecurity leader for a hospital or large healthcare organization? Are you passionate about healthcare with a special focus on information security and compliance in the cloud? Do you have solid experience understanding and influencing security-related technology decisions made by healthcare customers? Do you have a talent for helping technical and non-technical leaders understand how can use security as the foundation for transformation, and the consultative and leadership skills to launch a project on a trajectory to success? Do you have a unique combination of deep technical knowledge, business acumen and strong interpersonal skills?

Amazon Care is looking for a motivated and highly-skilled Sr. Security Engineer, who exhibits a passion for security, and a desire to innovate. You will be a member of the Amazon Care Security Operations team. You will design, build and operate an organization-wide Security Operations program to detect, assess and mitigate threat. Security Operations owns ingesting and processing data from the full range of logs, telemetry and sensor alerts, creation of detection mechanisms of behavioral anomalies, and threat intelligence to produce actionable security insight to mitigate risk. You will develop and mentor engineers across the teams on designing for security operations, and how to prepare for incident response. You will work with the associated teams across Amazon, collaborating to ensure appropriate executive visibility on Security controls and risks. You will help set and meet aggressive goals. You will help shape our long term technical and business strategy in the area of Risk, Security and Compliance.

A Sr. Security Engineer at Amazon Care is expected to be strong in multiple domains and provide contributions to the not only to the Amazon Care organization, but also back into AWS Service teams, infrastructure teams and administrative teams. You are expected to develop solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to be a security thought leader for the organization. The successful candidate will foster constructive dialogue and seek resolution to challenging risk, security and compliance problems. You will participate fully in the planning of the Amazon Care Risk, Security, and Compliance team's work and constantly seek opportunities for process improvement.

Some responsibilities include:
· Define and implement preventative, detective and monitoring mechanisms to enable security at scale.
· Prepare, obtain approval, and implement security plans (Security Operating Procedures (SOP's), System Security Plans (SSP's), Concepts of Operations (CONOPS), etc)
· Provide regular status reporting to senior leadership and key stakeholders on the overall security of Amazon Care, including plan execution and risk identification, prioritization and triage.
· Provide third-party security assessment, architecture reviews, and work with Engineering to develop integration plans that include remediation of identified weaknesses and/or implementation of compensating controls.
· Work directly with software engineers to design security systems and solutions that enable developers to operate their services more effectively, securely and safely.

Basic Qualifications


· BS in Computer Science or related field, or equivalent work experience
· Experience as a security analyst working threat intelligence, security operations and incident response, including forensic investigation
· Experience in software development, iterative analytic development, life cycle process.
· 10+ years’ experience in Security technical roles, including operations and incident response

Preferred Qualifications

· Experience performing security assessments and information system audits of network, operating systems, application security, as well as auditing IT processes
· Clear understanding of Agile, CI/CD, DevOps approach and how they impact risk management and compliance
· Experience working in the healthcare field, and an understanding of HIPAA and other regulations that apply to healthcare data
· Experience in the development of security products
· Have a clear understanding and experience with AWS cloud computing services and deployment pipelines.
· Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)
· Deep and broad technical knowledge of and experience with IT security, cloud computing, compliance frameworks, identity and access management, service-oriented architectures, distributed systems, networking, modern application architectures, and the like; plus strong understanding of virtualization, storage systems, software-defined networks, Internet Protocol, high availability and high scalability using modern techniques (scale out versus scale up), etc.
· Broad knowledge of programming languages, operating system principles, networking, and software development best practices.
· Excellent communication skills, solid work ethic, and a strong desire to mentor others

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.





Job tags: Architecture Auditing Audits AWS DevOps Incident response Security assessments Strategy Threat intelligence
Job region(s): North America Remote/Anywhere
Share this job: