Security Intelligence Engineer, Incident Response Threat Intelligence, ACTI

Description

We are open to hiring candidates to work out of one of the following locations :

Annapolis Junction, MD, USA | Arlington, VA, USA | Austin, TX, USA | Herndon, VA, USA | New York, NY, USA | Seattle, WA, USA

The Threat Intelligence for Global Enterprise Response (TIGER) team, part of Amazon Cyber Threat Intelligence (ACTI), is responsible for developing actionable intelligence on advanced cyber threats to Amazon employees and company assets. Our intelligence supports incident response teams, red teams, detections teams and teams working to prevent financial loss to the company. We obtain indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of sophisticated actors and their tools, techniques, and procedures. We then leverage that understanding to proactively identify and mitigate malicious activity.

This position requires that the candidate selected be a US Citizen.

The successful candidate will analyze indicators to generate actionable intelligence and insight into current threats. As a Security Intelligence Engineer, you will help enhance our capabilities by formulating new analytic techniques and working across teams to drive the supporting capabilities. A deep understanding of current cyber threat actors and TTPs as well as experience performing question-driven analysis is required. You will leverage your understanding of networking- and host-based indicators, digital forensics, and database querying as you investigate incidents and threats as well.

Key job responsibilities

Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.

Create security techniques and automation for internal use that enable you to operate at high speed and broad scale.

Contribute to Amazon's understanding of the current threat landscape and the techniques, tactics, and procedures associated with specific threats.

Perform deep dive analysis of malicious artifacts.

Draft and publish finished written threat intelligence products based on findings.

Periodic on-call responsibilities.

About the team

Work / Life Balance

Our team puts a high value on work-life balance. It isn't about how many hours you spend at home or at work; it's about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life-long happiness and fulfillment. We offer flexibility in working hours and encourage you to find your own balance between your work and personal lives.

Inclusive Team Culture

In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Mentorship & Career Growth

Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we're building an environment that celebrates knowledge sharing and mentorship. We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Diverse Experiences

Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.

Why Amazon Security

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Basic Qualifications

3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience

2+ years of scripting, programming, and security code review in a common programming language (non-internship) experience

2+ years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship) experience

Bachelor's degree in computer science or equivalent

Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or 2+ years of IT Security experience

Knowledge of networking protocols such as HTTP, DNS and TCP / IP

Experience in scripting, programming, and security code reviewing in a common programming language (non-internship)

Preferred Qualifications

2+ years of any combination of the following : threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience

2+ years of scripting, programming, or security code review in a common language, such as Python, Java or C++ experience

Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks

Knowledge of networking protocols, to include HTTP(S), DNS, and TCP / IP

Experience with AWS products and services

Experience with programming languages such as Python, Java, C+Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country / region you're applying in isn't listed, please contact your Recruiting Partner.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000 / year in our lowest geographic market up to $212,800 / year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and / or other benefits. For more information, please visit . This position will remain posted until filled. Applicants should apply via our internal or external career site.