Security Engineer II, Threat Hunting, Security Incident Response Team (SIRT)

Amazon Security is looking for an experienced Security Engineer who is excited by the idea of searching for undetected threat activities at petabyte scale. In this role, you will work alongside a team of world class security practitioners and develop novel threat detection and mitigation strategies.

Our Threat Hunting team hunts for adversarial activity using a variety of tools, methods, intelligence, and techniques. The team is hands-on with security data and is known for developing innovative solutions to common security problems. Our threat hunting engineers are builders as much as they are security engineers, and as a member of this team, you will solve security challenges at scale and work to protect one of the most sophisticated e-Commerce platforms ever built.

If you are someone who enjoys researching threats, diving deep into large datasets, and developing novel solutions to common security problems, we would like to meet you. Your work will be essential to delighting our customers and maintaining their vital trust.

Export Control Requirement : Due to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.

Key job responsibilities

• You will query, collate, and evaluate machine-generated data for evidence of potentially damaging activities which could pose a risk to Amazon customers and data.
• You will work alongside our global incident response team and participate in the scoping and analysis of complex security issues.
• You will evaluate threat actor tactics, techniques, and procedures (TTPs) for threat detection opportunities.
• You will design, develop, and deploy early-stage threat detection mechanisms and partner with Threat Detection engineers to establish durable and long-term coverage.
• You will develop metrics and implement solutions to derive operational insights from custom capabilities.
• You will identify opportunities to automate repetitive processes and generate efficiencies for multiple teams.
• You will participate in an on-call rotation and provide ad hoc support to customers during non-business hours, when required.

A day in the life

About the team

Amazon's Threat Hunting team is a component of a global security incident response organization charged with mitigating security issues which pose a risk to the core retail and subsidiary businesses. Our Threat Hunting engineers leverage robust experience across multiple security disciplines, including digital forensics, threat intelligence, threat detection engineering, security automation, red teaming, and more, to create innovative solutions and maximize value for customers.

Our Threat Hunting team embraces automation and consistently seek out opportunities to raise the security bar. Their engineers operate from first principles and are builders as much as they are security practitioners. The team is well respected within the security organization and has a strong reputation of delivering value for its customers.

Why Amazon Security

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Work / Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.

Inclusive Team Culture

In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training and Career Growth

We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

#JoinDefSec

BASIC QUALIFICATIONS

PREFERRED QUALIFICATIONS

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country / region you're applying in isn't listed, please contact your Recruiting Partner.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000 / year in our lowest geographic market up to $212,800 / year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and / or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.