Description

This position requires that the selected candidate has U.S. citizenship.

Amazon Web Services is looking for a security focused Engineer for the Controlled Working Environment (CWE) program. We are seeking an experienced and motivated Security Engineer (SE) to expand our Security Operating Center (SOC) and maintain security compliance in this working environment. The right candidate must thrive in high-pressure situations, think like both an attacker and defender, and drive relevant teams to take the right actions in the right time frames to mitigate risks.

We are looking for an individual with a deep understanding on how to balance business and technical risk that can effect the program. The candidate should be able to identify IT risks, define a mitigation plan to remediate, and consistently drive for the right results. They must have a passion for engineering novel solutions to complex security challenges, and recognize and fill gaps in capabilities. The ability to quickly design and build internal-facing tools that enable scaled programmatic automation is a plus.

The successful candidate will have a good mix of broad technical knowledge and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of Windows forensics, Cloud security, security operations, incident response, network security, and emergent security intelligence.

An ideal candidate should be able to accomplish most of the following:

• Confidently and intelligently respond to security incidents, and proactively consider how to prevent the same type of incidents from occurring in the future.

• Design and coordinate cohesive responses to security events that involve multiple teams across the organization.

• Build security utilities and tools that enable the team to operate at high speed and wide scale.

• Evaluate the impact of current security threats, advisories, publications, and academic research to the organization. Identify plans of action and coordinate as necessary across teams to mitigate risk.

• Ability to communicate effectively at different levels of sensitivity, knowledge, and audiences.

• Recognize, adopt, and instill the best practices of security engineering throughout the organization

• Fulfill regular on-call responsibilities.

Amazon has a fast-paced environment where we “Work Hard, Have Fun, Make History.” On a “typical” day engineers might deep dive to root cause a customer issue, investigate why a metric is trending the wrong way, consult with the top engineers at Amazon, or discuss radical new approaches to automate operational issues.

About the team

Diverse Experiences

Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why AWS

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud.

Inclusive Team Culture

Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.

Mentorship and Career Growth

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.

Basic Qualifications

• BS degree in Computer Science, MIS, Computer Engineering, or other technical degree or 3+ year's equivalent technology experience.

• Minimum of 3 years' experience in three or more of the following: incident response, application security, network security, security operations, or network engineering, with at least two years of experience on a Security Operations team, especially coordinating responses to security incidents.

• Experience using industry-standard SIEMs, especially ElasticSearch.

• Experience with security operations of Window and Linux operating system (OS) environments, (e.g. Windows system, security, application event logs)

• Experience working with AWS security services (e.g. AWS Security hub, Amazon GuardDuty, AWS Config, etc)

• This position requires that the candidate selected be a U.S. citizen.

Preferred Qualifications

• Security related certifications such as OSCP, CISSP, CCSP, RHCSA, CompTIA Security+ Linux+, GIAC, GCIH, GCFA, GCIA, GPEN, GNFA, GCUX, CE

• Effective written and oral communication with multiple levels of leadership involving both business and technical teams.

• Experience in scripting or programming (Ruby, Python, Shell/BASH, Java, etc.) and automation of security tasks through scripting/programming.

• Experience in compliance requirements (e.g. NIST, ISO, HIPAA, FedRAMP, etc.).

• Extensive knowledge of internet security issues, cloud architectures, threat landscape, and experience with virtualization technologies like AWS services.

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.