Amazon Security Engineer Threat Detections Subsidiary Acquisition Team 

United States, California, Hawthorne 

797479583

Key job responsibilities
* Threat Detection: Utilize previous experience analyzing large datasets to develop, measure, and tune detection rules to ensure effective and sustainable operations.* Forensics and Analysis: Analyze incidents to understand attack vectors, tactics, techniques and procedures (TTPs).* Threat Hunting: Search for signs of Advanced Persistent Threats (APTs) and other malicious
activities, utilizing internal data sources.* Rule and Content Development: Craft and refine detection rules, use cases and signatures to enhance the accuracy of detection systems, adapting to emerging threats and attack vectors.* Collaboration: Work cross-functionally with incident responders, security engineers, and other stakeholders to improve the security posture of the S&A customer organizations.A day in the life
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- 3+ years of experience in a security engineering role.
- 3+ years of experience across various Linux distributions including Redhat, Ubuntu and CentOS.
- 2+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience.
- 2+ years of experience with AWS core services (EC2, S3, DDB, RDS, KMS, etc.).

- Bachelor’s degree in a relevant field (Computer Science, Software Engineer, Security, or others) or an equivalent combination of education, training, and experience.
- Knowledge of common attack tactics, techniques and procedures (TTPs).
- Knowledge of Data Science best practices with proven experience evaluating large datasets.
- Experience with analyzing logs, network traffic and endpoint data to identify malicious activity.
- Familiarity with system security and SIEM platforms.
- Excellent written and verbal communication skills while engaging both technical and non-technical stakeholders.