Security Engineer, Controlled Working Environment

Job summary
Amazon Web Services is looking for a security focused Engineer for the Controlled Working Environment (CWE) program. We are seeking an experienced and motivated Security Engineer (SE) to expand our Security Operating Center (SOC) and maintain security compliance in this working environment. The right candidate must thrive in high-pressure situations, think like both an attacker and defender, and drive relevant teams to take the right actions in the right time frames to mitigate risks.

We are looking for an individual with a deep understanding on how to balance business and technical risk that can effect the program. The candidate should be able to identify IT risks, define a mitigation plan to remediate, and consistently drive for the right results. They must have a passion for engineering novel solutions to complex security challenges, and recognize and fill gaps in capabilities. The ability to quickly design and build internal-facing tools that enable scaled programmatic automation is a plus.

The successful candidate will have a good mix of broad technical knowledge and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of Windows forensics, Cloud security, security operations, incident response, network security, and emergent security intelligence.

An ideal candidate should be able to accomplish most of the following:

* Confidently and intelligently respond to security incidents, and proactively consider how to prevent the same type of incidents from occurring in the future.
* Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
* Build security utilities and tools that enable the team to operate at high speed and wide scale.
* Evaluate the impact of current security threats, advisories, publications, and academic research to the organization. Identify plans of action and coordinate as necessary across teams to mitigate risk.

* Ability to communicate effectively at different levels of sensitivity, knowledge, and audiences.
* Recognize, adopt, and instill the best practices of security engineering throughout the organization
* Fulfill regular on-call responsibilities.

Amazon has a fast-paced environment where we “Work Hard, Have Fun, Make History.” On a “typical” day engineers might deep dive to root cause a customer issue, investigate why a metric is trending the wrong way, consult with the top engineers at Amazon, or discuss radical new approaches to automate operational issues.

Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have twelve employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Work/Life Balance
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule, so you can have a more productive and well-balanced life—both in and outside of work.

Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional and enable them to take on more complex tasks in the future.

This position requires that the candidate selected be a US Citizen

Basic Qualifications

* BS degree in Computer Science, MIS, Computer Engineering, or other technical degree or 3+ year's equivalent technology experience.
* Minimum of 3 years’ experience in three or more of the following: incident response, application security, network security, security operations, or network engineering.
* Experience using industry-standard SIEMs, especially ElasticSearch.
* Experience with security operations of Window operating system (OS) environments, (e.g. Windows system, security, application event logs)
* Two plus years experience on a Security Operations team, especially experience coordinating responses to security incidents.
* Experience working with and handling alerts from an EDR solution (e.g. CrowdStrike)
* Experience working with AWS security services (e.g. AWS Security hub, Amazon GuardDuty, AWS Config, etc)
* This position requires that the candidate selected be a U.S. citizen.

Preferred Qualifications

* Effective written and oral communication with multiple levels of leadership involving both business and technical teams.
* Experience in scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C++, Perl, or other languages.
* Sharp analytical abilities and proven technical architecture design skills
* Experience in customer support, abuse management, incident handling, or forensics
* Experience in Compliance Requirements (e.g. NIST, ISO, HIPPA, FedRamp, etc.)
* Experience in automation of tasks through scripting or programming
* Well-rounded background in host, network, and application security
* Experience with security best practices in server configuration, tool development, and access controls
* Security related certifications such as OSCP, CISSP, CCSP, RHCSA, CompTIA Security+ Linux+, GIAC, GCIH, GCFA, GCIA, GPEN, GNFA, GCUX, CEH,
* Experience with TCP/IP, packet analysis, iptables, and other Internet Protocols (IP, ICMP, UDP, TCP, SSL, DNS, HTTP, etc.).

* 5+ years equivalent information security experience.
* Extensive knowledge of Internet security issues, cloud architectures, and threat landscape.
* Experience with virtualization technologies, especially with AWS services.
* Ability to prioritize multiple tasks and projects in a dynamic environment.




Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.