Security Engineer II, Insider Threat & Forensics Investigations
Seattle, Washington, USA
Amazon.com
Amazon is seeking highly motivated Security Engineers to join our world-class Amazon Security organization and work within the investigations function of our Internal Threat Reduction team to help protect Amazon from insider attacks.
This role is responsible for leading end-to-end insider threat and forensics investigations across the Amazon Stores organization and will have the opportunity to research and innovate engineering solutions to improve investigative operations. As part of the Investigations team, you will also participate in building large-scale, customized tools that enable you and the team to rapidly investigate, proactively detect, and increase collaboration across partner teams.
A Security Engineer at Amazon is expected to be strong in multiple domains. Engineers in this role work closely with teams throughout Amazon Security, such as Incident Response, Threat Intelligence, and Legal teams, and provide technical leadership and advice to our customers and partners throughout Amazon.
Engineers in this role must demonstrate resilience and navigate difficult situations with composure and tact. This role will be expected to provide thought leadership for the organization as you invent and innovate in the course of your duties. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Amazon and its customers secure.
Key job responsibilities
- Serve as a primary insider threat and forensics investigator, using an array of tools and capabilities to investigate internal threat cases.
- Provide subject matter expertise in all aspects of insider threat and forensics investigations.
- Provide analytical and operational support to internal risk investigations, mitigation, and program objectives.
- Participate in on-call rotation and lead large-scale incidents requiring parallel investigations, executive communications, reports, and after-action analysis across a global scale.
- Communicate effectively with varying audiences at multiple levels of sensitivity, often including legal, human resources, business leaders, and partner information technology and information security teams.
- Keep your knowledge and skills current with the rapidly changing threat landscape. Evaluate the impact of current security trends, advisories, publications, and academic research on Amazon.
Basic Qualifications
- BS in Computer Science or related field, or equivalent work experience.
- 3+ years of demonstrated experience in an Information Security or Investigative role, preferably in digital forensics, incident response, internal threat (aka insider threat) investigations, or a technical engineering role.
- 1+ years of hands-on experience working in a SOC or operational environment, with understanding of all phases of a typical incident response process.
- Advanced knowledge and understanding of key security engineering fields, such as host-based forensics, network forensics, mobile/IoT forensics, OSINT, security control validation and defense, log analysis and DLP/SIEM/EDR.
- Effective written and verbal communication skills to communicate security and business risk to a broad range of technical and non-technical audiences.
Preferred Qualifications
- Experience using open-source and/or commercial forensics tools such as Magnet Axiom, Nuix, Cellebrite Digital Collector and Digital Inspector.
- Advanced knowledge and understanding of anti-forensics techniques.
- Relevant industry certifications or training which demonstrate intimate familiarity with the forensics investigations or insider threat discipline (e.g., CFCE, GCFE, GASF, GIME, GCFA, GNFA or CERT, CCITP, NITTF).
- Experience with digital forensics as part of legal proceedings (e.g., evidence handling, affidavits, testimony).
- Ability to make concrete progress in the face of ambiguity and imperfect knowledge.
- Experience with AWS cloud solutions for automation development.
- Coding proficiency in Python, Go, or similar language.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $135,500/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. Applicants should apply via our internal or external career site.