Sr Incident Response and Threat intelligence Engineer
Sunnyvale, California, USA
Amazon.com
Are you interested in being part of a top-notch security team covering all Amazon consumer devices (including hardware and low-level functionality) as well as key Amazon services supporting our consumer devices (such as Computer Vision, AppStore, Device Registration, Kindle, etc.)? Amazon Lab126 is looking for exceptional candidates to join our Security Incident Response Team. The incident response team’s mission is to identify, handle, address, communicate and learn from security incidents affecting Amazon consumer devices and associated web services. Do you enjoy analyzing reported issues to identify security vulnerabilities and mitigating these issues to keep customers safe? We are looking for talented security engineers who have experience in either devices or web services security. Your work directly impacts the way our customers, teams, and business across the globe get things done. If you care deeply about keeping customers safe, then we have a job for you! You can learn more about security at Lab126 here: https://www.youtube.com/watch?v=k0UTTxzeGog.
A day in the life
• Perform root cause analysis of externally reported issues and work with product, partner and vendor teams to assess impact.
• Review security fixes, technical solutions and designs to enable product teams to mitigate security vulnerabilities as well as provide actionable long-term risk mitigation guidance to drive security improvements.
• Perform analysis of threat intelligence data to synthesize areas of proactive focus spanning product stacks.
• Perform vulnerability detection using a variety of automated static and dynamic analysis as well as custom tooling (e.g. static analyzers, fuzzers, scanners, analyzers, etc.) to identify device or web services vulnerabilities and develop proof-of-concept exploits.
• Develop detailed technical documentation describing identified vulnerabilities, associated impact as well as recommendations for communication with internal engineering stakeholders as well as leadership.
Job responsibilities
In this role, you will be part of a dedicated team of exceptional security engineers performing analysis of externally reported security incidents to assess the severity and determine security impact to Amazon Lab126 and subsidiary products. You will communicate securely and responsibly to address reported issues in collaboration with product teams and to do the right thing for our organization. You will work with security stakeholders within the company, the security research community and partner organizations across the ecosystem towards coordinated disclosure of vulnerabilities. You will lead gap analysis efforts to identify learnings to improve product security. You will work on diverse product stacks spanning multiple architectures and SoCs to identify vulnerabilities in low-level embedded software, operating systems, applications, peripherals or web clients, web sites, and cloud services, as well as introduce defenses to raise the effort for attackers. You will identify detective and preventative technology and automation to reduce the impact of security incidents and work with fellow team members to build and deploy such technology. Your role includes performing analysis of threat actor tactics and techniques to gather threat intelligence as well as sharing your technical expertise to drive improvements during the product development lifecycle. You're well-known for your excellent prioritization skills as well as your ability to communicate at all levels of an organization. If you're passionate about finding security bugs, analyzing security exploits, and enjoy seeing your work's impact across Amazon consumer products and services, then this position is for you.
Note: While the majority of our Security/Privacy roles are based in the Bay Area, CA and Seattle, WA areas, by applying to this position your application will be considered for all locations we hire for in the United States, including but not limited to: Seattle, WA; Arlington, VA; Bellevue, WA; Sunnyvale, CA; Austin, TX.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Basic Qualifications
• Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, Cyber Security or a related field
• 7+ years relevant work experience
• 2+ years of development experience in C, C++, assembly (x86, x86-64, ARM) and/or Java
• Experience with at least one scripting language (e.g. Python, Ruby, Bash, JavaScript, Go)
Preferred Qualifications
Master’s degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent. Candidates with experience in at least one of the following areas are preferred.
• Experience managing large scale incidents or being part of a dedicated product security incident response team
• Experience in performing security research and reporting vulnerabilities in widely used software or participating in projects related to vulnerability research and sharing contributions via public research, blogging, and presentations with the security community.
• Experience in embedded/IoT device security or web services security specifically, with experience of performing software security audits, vulnerability discovery and analysis.
• Experience with common software security vulnerabilities and methods of exploitation, such as memory corruption, privilege escalation, web application exploitation, file format vulnerabilities, protocol-based weaknesses, etc.
• Experience with static and dynamic tools for vulnerability detection and exploit mitigation techniques
• Experience with extracting firmware, reverse engineering a variety of hardware and software, including firmware, operating systems, and applications, binary analysis and proof of concept exploit development.
• Knowledge of common wireless connectivity protocols with focus on protocol or implementation security vulnerabilities (e.g. Bluetooth, Wi-Fi, 802.15.4, Zigbee) or hardware security mechanisms, including secure boot, trusted execution environments or operating system internals and associated security issues with emphasis on Linux, Android and common RTOS environments
• Experience with analysis tools such as IDA, Ghidra, Radare, Burp Suite, and network traffic dissectors such as Wireshark.
• Experience with service-oriented architecture and web services security
• Foundation in, and in-depth technical knowledge of, security engineering, computer and network security, authentication, security protocols and applied cryptography.
• Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)