Security Support Engineer - AWS Security Operations Center (SOC)
Posted 1 month ago
Amazon Web Services Security Operations Center (AWS-SOC) is looking for an individual to work as a Security Support Engineer (Sec SE) within the Risk Operations (Risk Ops) team. A successful candidate will need to embody our 14 leadership principles and be especially strong in Learn and Be Curious, Earns Trust, and Dives Deep. This individual will work from the Seattle SOC location and needs to be competent working in a fast-paced, technical and at times ambiguous environment.
The Risk Ops Security Support Engineer (Sec SE) will work with security leaders and AWS cross functional teams to methodically adhere to strict standards while managing new and existing security technologies. This person will manage communications, generate and/or manage trouble tickets (i.e. security findings both logical and physical), interact with security systems and data warehouses that impact AWS data, operations, and/or reputation.
The Risk Ops team supports technical security campaigns and leverages tools and systems across AWS Security to query trends, mine databases and system logs, and detect anomalies and/or inconsistencies that require mitigating improvements.
The successful candidate should have a record of accomplishment within security and/or related fields, possess excellent verbal and written communication skills, be able to data mine and analyze data from various sources, and demonstrate sound judgment while under pressure. They need to be successful at multitasking, be self-motivated, and use discretion when dealing with sensitive information. They should also be able to rapidly learn new technologies, consider multiple solutions to problems, and show high levels of judgement when determining risk and impact of security events. An ideal candidate will have a thorough understanding of security operations as context for decision making when taking ownership to solve problems.
The AWS SOC is a 24/7/365 center and vulnerabilities and escalations can stretch to include nights, weekends, and holidays. This role is in the support of the 24/7 operations and will be part of a 3 shift (Days, Swing, and Graves) rotation targeted at supporting the needs of the fast moving AWS environment.
· Independently works and supports campaign findings, researches mitigations, and analyzes potential security vulnerability related information from a variety of sources to identify patterns and trends.
· Produce progress reports, briefs, and white papers for senior leadership, internal departments, and stakeholders regarding vulnerabilities, security concerns, and operations gaps as they affect AWS data, operations, and/or reputation.
· Works as catalyst to bring stakeholders together to address findings and risks until a formalized business owner is identified to take lead.
· Consults closely with the other Amazon security and service teams on issues related to AWS security posture.
· Interface with technical teams, stakeholders and leadership teams to translate security risk mitigation plans into actionable items to mitigate risk.
· BA/BS in Physical Security, Critical Infrastructure (Business Continuity / Disaster Recovery), Computer Science, MIS, Engineering, Enterprise Risk, Information Technology, Finance, or related field(s).
· This person will have extensive knowledge of security technology, risk assessment methodologies, policies, and processes.
· Familiarity with cloud architecture/infrastructure and general networking principles
· Must be self-motivated and have the ability to work independently or collaboratively with a team, and multi-task effectively.
· Strategic thinker with the ability to see/understand the big picture.
· Understanding of scripting languages, such as PowerShell, Python, and/or shell scripts
· Experience in systems and network administration
· Demonstrated ability to influence others to apply skills and techniques to solve dynamic problems.
· Ability to supervise and train global stakeholders and business partners.
· Strong, clear and concise communication skills (written and verbal, presentation and interpersonal).
· 4+ years of experience with an enterprise wide security program.
· 3+ years' experience demonstrating high-level customer service skills
· 5+ years' experience using MS Office Suite to include Word, PowerPoint, Excel, etc.
· 5+ years' experience working in fast-paced environments, and ability to manage workload even during times of stress or escalated activity
· Experience in producing reports for senior management, internal departments, and stakeholders regarding threats, global security concerns, and geo-political developments as they affect AWS data, operations, reputation, and/or employees globally.
· Experience with physical security operations in Amazon.com, AWS, and assets globally (or like-industry companies).
· 5+ years’ experience demonstrating the ability to produce reports for senior managers, internal departments, and external stakeholders regarding threats, global security concerns, and geo-political developments as they affect employees, operations, assets, and customers globally
· Experience using automation to solve problems and reduce repetitive tasks
· Ability to independently collect, research, and analyze threat related information from a variety of sources to identify and evaluate risks, patterns and trends
· Experience with MySQL, SQL, and ability to manipulate raw datasets into analytical outputs within MS Excel (or other).
· Experience configuring and modifying access control systems (ex: Lenel, Multi-Max, C-Cure, Honeywell, etc.)
· Experience maintaining Microsoft Active Directory
· Experience engaging in project management, tracking timelines, and participating in planning and executing tasks within project milestones.
· Experience demonstrating the ability to produce reports for senior managers, internal departments, and external stakeholders regarding projects, risks, and initiatives.