Amazon Security Engineer AWS Trust & Safety 

South Africa, Western Cape, Cape Town 

92254122

AWS Trust and Safety (T&S) Risk & Response (R&R) is seeking a motivated Security Engineer with a strong background in incident response, threat investigation, and developing solutions to security issues. As a Security Engineer in R&R, you will employ your technical skills to develop solutions to complex and ambiguous security-related events originating from AWS resources that threaten the confidentiality, integrity, and availability of other AWS customers, the AWS network, or external internet users. You will build proofs of concept and develop tooling/automation solutions that help T&S and AWS scale with the evolving threat landscape.Key job responsibilities- Use SQL and Python or similar scripting languages to automate tasks and retrieve data to identify trends in abuse.
- You will engage autonomously with AWS customers, programs, and services to create, build, and innovate security operations.
- Partnering effectively with customers and stakeholders. You will help establish a roadmap and successfully deliver engineering solutions that drive towards accomplishing the team’s mission.- Collect, analyze, and document information to author threat reports to drive scalable mitigation and remediation actions.
- Provide situational awareness on the current threat landscape and the TTPs associated with specific threats to our business, including ongoing malware campaigns.
- Collect data from intelligence communities, threat intelligence platforms, open source data repositories, and other sources to analyze TTPs and anomalies.
- Drive operational excellence and efficiency in everything you do, whether by researching new, or scaling up existing capabilities, creating effective mechanisms, and automating day-to-day tasks.
- Participate in scheduled 24/7 on-call duties.A day in the life
* Identify tactics, techniques, and procedures used by abusive threats and identify/execute remediation actions to remove the threat from AWS.
* Develop internal automations that facilitate the detection of AUP violations by threat actors and work with other AWS security teams to develop automated detections for abusive trends.
* Respond to incidents and manage the response for T&S from notification to remediation.
* Represent T&S as the technical expert on abuse during high-impact situations requiring immediate response to protect AWS and its customers from violations of the AWS AUP.A successful candidate will have a firm grasp of cloud computing and a passion for developing technical solutions which facilitate the investigation and development of threat intelligence. You must be an enthusiastic learner and insatiably curious. You will have a demonstrated history of driving workable solutions, even in the face of resource limitations, as well as environmental, legal, and technical challenges. We seek a team player who prioritizes well, communicates clearly, and has a consistent track record of delivering results. You must be proactive in removing roadblocks, always looking for ways to innovate and operate more efficiently, and be able to handle multiple competing priorities in a fast-paced environment. You will need to influence internal and external globally dispersed stakeholders, and be able to effectively rally support for R&R’s projects and your own initiatives.
About the team
Diverse Experiences
Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Work/Life Balance:
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

- 5+ years’ experience in areas such as cloud service infrastructure, cloud security, networking, computer engineering
- 3+ years’ experience with focus in areas such as systems, network, web protocols, and/or application security AND 2+ years’ experience with SQL or other query languages
- Knowledge of current security trends, threats, and mitigation OR Previous experience on a Security Operations team, or experience coordinating responses to security incidents.
- Demonstrable proficiency in Python required. Other languages are a plus but not required (Go, Ruby, Shell/Bash scripting, Java, Javascript/TypeScript, Rust, etc)
- Understanding of industry standard threat frameworks (Lockheed Martin Cyber Kill Chain, Diamond Model, MITRE ATT&CK)
- Strong knowledge of web protocols and an in-depth knowledge of Linux/Unix tools and architecture.
- Strong knowledge of Computer Science fundamentals, including; data structures, object-oriented programming, design, and analysis of algorithms

- A MS degree in Computer Science, MIS, Computer Engineering, or 8+ years’ equivalent technology experience.
- 5+ years global analysis and threat mitigation background
- 5+ years scripting/programming experience: Python, C, C++, Java, Ruby, and/or PowerShell
- 3+ years of experience building with and securing AWS cloud services such as Lambda, EC2, and S3.
- Experience with virtualization technologies, familiarity with AWS and GuardDuty services is highly valued in particular.
- One or more professional network and security certifications such as Security+, CEH, CCNA, GSEC, CISA or CISSP (or equivalent work experience)
- Extensive knowledge of internet security issues and threat landscape.