Senior Security Engineer, Security Incident Response Team (SIRT)

Amazon is seeking qualified Security Engineers to join our innovative, high energy Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. They work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to Amazon systems. SIRT Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis.

With your technical expertise, you will be solving security challenges at scale, working to protect the applications powering the most sophisticated e-commerce platform ever built. We value broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.

Key job responsibilities

• Coordinates containment and eradication of major security incidents
• Leads conference calls engaging senior and executive leaders as well as service teams globally
• Gathers facts, evaluates risk, delegates activities, and defines a systematic action plan to contain and eradicate security threats as quickly and safely as possible
• Tracks parallel tasks across accountable owners, re-prioritizing as necessary based on risk
• Engineers solutions that prepare the SIRT team to respond to information security threats of the future
• Works alongside and mentors Information Security engineers
• Keeps their knowledge and skills current with the rapidly changing threat landscape

Basic Qualifications

Basic Qualifications

• BS in Computer Science, Information Security, or equivalent professional experience
• 5+ years of demonstrated experience in areas such as incident response, systems security, network security, and/or application security
• Demonstrated written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences
• Proficiency in at least one programming language (e.g., Python, Go, PowerShell, Shell scripting, Perl, Ruby, Java, C++, C)
• Technical depth in two or more specialties including: digital forensics, malware analysis, network security, application security, security intelligence, and security operations
• Understanding of security vulnerabilities, attacker exploit techniques, and their remediation methodologies
• Ability to manage multiple competing priorities with effective prioritization and task switching skills
• Ability to work with a high degree of autonomy and ambiguity

Preferred Qualifications

Preferred Qualifications

• Experience in developing security alerts and response automation
• 7+ years of Information Security experience
• Experience with AWS services and security concepts
• Experience building tools using AWS services
• Relevant industry certifications from SANS, ISC2, etc
• Strong demonstrated knowledge of Unix tools and architecture
• Experience working as part of a Computer Security Incident Response Team (CSIRT)

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.