Security Engineer, Threat Hunt, Security Incident Response Team (SIRT)
Description For Security Engineer, Threat Hunt, Security Incident Response Team (SIRT)
Amazon's Threat Hunting team is seeking a Security Engineer, Threat Hunting who is passionate about uncovering undetected threat activities at petabyte scale. In this role, you'll work with other Threat Hunting engineers to proactively identify and eliminate threats across Amazon's vast infrastructure.
Key responsibilities include:
- Querying and analyzing machine data to detect potentially damaging threat activities
- Collaborating with incident responders on ongoing security investigations
- Reconstructing security events from log data and developing innovative approaches to identify threat actor tactics, techniques, and procedures (TTPs)
- Building custom capabilities to enable threat hunting operations at scale
- Participating in an on-call rotation for ad hoc customer support
Your typical day may involve:
- Analyzing large datasets for cyber threat indicators
- Developing recurring database searches for security artifact extraction
- Improving security measures and reducing operating risk for customers
- Staying updated on the latest cybersecurity trends and threats
- Assisting in the development of innovative threat detection capabilities
- Addressing high-priority security issues individually or as part of a team
The Threat Hunting team is part of the Security Incident Response Team (SIRT) and focuses on proactively identifying threats that pose risks to Amazon's customers and their data. This dynamic environment offers opportunities to work on diverse security challenges and contribute to maintaining customer trust in Amazon's services.
Amazon Security values diverse experiences and encourages candidates from all backgrounds to apply, even if they don't meet all listed qualifications. The organization offers opportunities to build experience across various areas, including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work-life balance is prioritized, with flexible work hours and arrangements available. The inclusive team culture promotes ongoing learning and diversity, equity, and inclusion (DEI) initiatives. Amazon Security is committed to continuous improvement and offers extensive training and career growth resources to help you develop as a well-rounded professional.
Join Amazon Security to tackle some of the most challenging security problems at scale and help protect the world's most sophisticated e-Commerce platform.
Responsibilities For Security Engineer, Threat Hunt, Security Incident Response Team (SIRT)
- Query and analyze machine data to detect potential threat activities
- Collaborate with incident responders on security investigations
- Reconstruct security events from log data
- Develop innovative approaches to identify threat actor TTPs
- Build custom capabilities for threat hunting at scale
- Participate in on-call rotation for customer support
- Monitor cybersecurity media to maintain threat landscape awareness
- Develop recurring database searches for security artifact extraction
- Work on high-priority security issues individually or as a team
Requirements For Security Engineer, Threat Hunt, Security Incident Response Team (SIRT)
- BS in Computer Science, Cyber Security, or related field, or 6+ years of equivalent professional experience
- 3+ years of demonstrated experience in threat hunting, incident response, systems security, network security, or related field
- Proficiency in one or more scripting languages (e.g., Python, Bash, PowerShell, Perl)
- Excellent written and verbal communication skills
- Ability to adapt messaging to executive, technical, and non-technical audiences
Benefits For Security Engineer, Threat Hunt, Security Incident Response Team (SIRT)
- Flexible work hours
- Career growth opportunities
- Diverse and inclusive work environment
- Training and development resources
