Systems Security Engineer, Amazon Cyber Threat Intelligence

Job Description

Amazon is seeking an innovative Security Engineer to join the Amazon Cyber Threat Intelligence (ACTI) team as a Cyber Threat Exploitation Engineer where you will leverage your in-depth knowledge and analysis of emergent exploits, exploit frameworks, and vulnerabilities to identify novel threat actors, discover attacks against Amazon, AWS and its customers.

Requirements

• BS degree in Computer Science, Management Information Systems, Computer Engineering, or 3+ years equivalent technology experience
• 3 years experience with analyzing software exploits and creating corresponding detections and/or countermeasures
• 3 years experience in system, network, and/or application security
• 2 years experience building automated tools in C, C++, Java, Python, Perl, PowerShell, or Ruby
• 2 years experience with SQL or other query languages

Responsibilities

• Identify, research, and analyze novel vulnerabilities discovered in threat intelligence data, applications, devices, and networks
• Interface with ACTI reverse engineers to provide reversing requirements as well as be able to independently triage malware, analyze exploit samples, and study attack techniques to understand how vulnerabilities are being weaponized
• Pursue actionable intelligence on current exploits, perform deep dive analysis of malicious artifacts related to software exploits, and use that data to identify attacks against Amazon, AWS, and its customers
• Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities
• Create security techniques and automation for internal use that enable the team to operate at high speed and broad scale
• Provide situational awareness on the current threat landscape and the techniques, tactics, and procedures associated with specific threats
• Accurately document ongoing investigations, craft consumable threat intelligence products, and clearly present and communicate emerging threats and high-risk vulnerabilities in operating systems and software libraries, cloud, network devices, and web applications to key stakeholders
• Periodic on-call responsibilities

Benefits

• Medical, dental, and vision coverage (multiple plan options)
• Health savings and flexible spending accounts
• 24/7 Employee Assistance Program for mental health support
• 401(k) with company match and various investment choices
• Company-paid life/AD&D and disability insurance
• Restricted stock units (RSUs) for employee ownership
• Child care and elder care referrals, adoption assistance
• Paid maternity and parental leave (including Ramp Back)
• Paid time off (PTO) and company holidays
• Employee discount on Amazon.com products
• Career Choice program (95% tuition and textbook coverage)