Amazon Security Engineer Threat Discovery Detection TD2 Customer Service 

United States, Washington, Seattle 

906058388

Key job responsibilities
You'll be responsible for designing, implementing, and optimizing detection rules and systems that monitor and analyze security-related activities across our infrastructure. Your expertise will be crucial in developing scalable detection solutions that enable proactive threat identification, behavioral analysis, and risk mitigation.In this role, you'll collaborate closely with data engineers, data scientists, and incident responders to transform security requirements into effective detection capabilities. You'll utilize advanced security platforms and AWS services to build comprehensive detection frameworks that protect our customers and systems from evolving security risks.
A day in the life
- Design and implement detection logic to identify sophisticated attack patterns and anomalous behaviors
- Develop and optimize detection rules across multiple security monitoring platforms
- Research and analyze emerging attack patterns and techniques to enhance detection capabilities- Present detection strategies to stakeholders and incorporate feedback into implementations
- Troubleshoot detection accuracy issues and tune rules to reduce false positives
In the coming years, we're focused on expanding our detection coverage, implementing machine learning-based detection capabilities, and enhancing our ability to identify sophisticated threats in real-time. As a Security Engineer, you'll be at the forefront of these initiatives, helping to shape the future of threat detection at Amazon.

- Bachelor's degree in Computer Science, Cybersecurity, or a related technical field
- 1+ years of professional experience in security engineering or related field
- Strong programming skills in SQL, Python, Java, or similar languages

- Master’s degree in Computer Science, Cybersecurity, or a related technical field
- Knowledge of threat hunting and incident response processes
- Experience with cloud technologies (AWS preferred, Azure, Google Cloud, etc)
- Experience with SIEM platforms and security monitoring tools
- Strong understanding of the MITRE ATT&CK framework and attack methodologies
- Expertise in developing and implementing detection rules and logic