Security Engineer, Forensics and Malware


Amazon is seeking Senior Security Engineers to join our Digital Forensics and Malware Analysis team in the Amazon Security Operations Center.

Join the team responsible for providing subject matter expertise in all aspects of digital forensics and malware analysis within Amazon. You will investigate critical security incidents by conducting in-depth disk and memory forensics, and analysis and reverse engineering of advanced malware, seeking to uncover actions, techniques and objectives of malicious actors.

With your technical expertise, you will develop solutions to conduct malware and forensic analysis at Amazon scale, working to protect the applications powering the most sophisticated e-commerce platform ever built.

Key tasks include:
· Provide subject matter expertise in all aspects of digital forensics, and the analysis of malware to uncover actions, techniques and objectives
· In-depth digital forensics and timeline analysis for mobile devices, client machines and servers (physical and virtual)
· In-depth malware analysis and reverse engineering
· Producing detailed forensics and malware analysis reports
· Digital forensics and malware analysis tool research and development, enabling your teams to operate at the pace and scale of Amazon
· Communicating effectively with varying audiences at multiple levels of sensitivity
· Evaluating the impact of current security trends, advisories, publications, and academic research on Amazon


· BS in Computer Science, Information Security, or equivalent professional experience
· 6 years of demonstrated experience in areas such as system security and/or network security
· Understanding of security vulnerabilities, exploitation techniques, and methods for remediation of such
· Keep knowledge and skills current to keep up with the rapidly changing threat landscape
· Experience with AWS technologies, live and cold forensic analysis solutions such as The Sleuth Kit, Autopsy, EnCase, FTK, X-Ways, GRR, and malware analysis tooling including debuggers (OllyDbg, ImmunityDbg, x64dbg), disassemblers (radare2, IDA Pro), and static and dynamic analysis tools
· Ability to work with a high degree of autonomy
· Excellent written and verbal communication skills
· Scripting skills (e.g., Perl, Python, Bash, PowerShell)


· 7+ years equivalent information security experience
· Relevant industry certifications which demonstrate intimate familiarity with the cyber attack lifecycle (e.g., GMON, GCIH, GCFA, GREM, OSCP)
· Strong demonstrated knowledge of common offensive techniques, and an in-depth knowledge of UNIX tools and architecture
· Experience working as part of a Computer Security Incident Response Team (CSIRT) or Product Security Incident Response Team (PSIRT)
· Preference for candidates with knowledge in Data Sciences, Machine Learning, or Artificial Intelligence
