Amazon

Returning Candidate?

Associate Security Engineer

Associate Security Engineer

Job ID 
425178
Location 
US-WA-Seattle
Posted Date 
10/5/2017

Job Description

Are you up to the challenge of helping secure the largest managed infrastructure in the world? The AWS Security Operations team is looking for security engineers who are ready to roll up their sleeves and dive into security issues at scale. We are looking for people with a passion for keeping customers secure by engineering novel solutions to complex security challenges.

This position requires a person with a security background who will show leadership by proactively identifying security flaws and vulnerabilities, quickly assessing the potential risk, driving for the right architecture decisions across many different teams to harden our infrastructure, and educating other members of the security operations team.

Security Engineering and Operations is part of how we keep our customer safe in a continuously changing world. As part of this, you will:
  • Triage and respond to security issues, and quickly determine mitigations that work at scale.
  • Define and create the processes, tools, and auto-detection technologies that monitor internal systems
  • Partner with teams throughout the company to develop pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
  • Show leadership by mentoring, and educating other members of the Security Organizations.
  • Share on-call responsibilities to make sure we’re always ready when new threats emerge.
AWS Security Operations is continually responding to customer feedback with new functionality. As part of making sure everything we provide meets our customer’s security needs, you will:
  • Provide subject matter expertise on architecture, authentication, and system security
  • Conduct sophisticated security reviews - from high-level web application architecture to OS level parameters
  • Solve problems at their root, stepping back to understand the broader context, and implementing fixes to ensure that an issue will never happen again
  • Maintain an understanding of the Internet threat environment and how it affects the company and keep knowledge and skills current with the rapidly changing threat landscape
  • Improve AWS Security service offerings to help our customers to protect their applications against attacks
Come join an amazing team of security experts to solve interesting security issues and keep AWS safe for our customers. As part of your submission, please include in your cover letter a description of times you demonstrated great customer support, solved hard problems, or used dogged determination to see a solution all the way through. Please describe the events in a casual narrative voice, rather than a formal or bullet driven document.

Basic Qualifications

  • BS degree in Computer Science, MIS, Computer Engineering, or other technical degree or 4+ year's equivalent technology experience
  • Minimum of 4 years’ experience in one or more of the following: incident response, application security, network security, security operations, or network engineering.
  • Experience deploying, managing, or operating Linux, preferably in a data center environment.
  • Minimum of one year scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C++, C*, Perl, or other languages.
  • Excellent written and oral communication skills
  • Strong sense of ownership, urgency, and drive
  • Sharp analytical abilities and proven technical architecture design skills

Preferred Qualifications

  • Previous experience on a Security Operations team, experience coordinating responses to security incidents, or operating in a SOC environment.
  • Demonstrated ability to achieve stretch goals in a highly innovative and fast paced environment
  • Experience in customer support, abuse management, incident handling, or forensics
  • Experience in Compliance Requirements (e.g. SOX, ISO, HIPPA, FedRamp, etc.)
  • Experience in automation of tasks through scripting or programming
  • Well-rounded background in host, network, and application security
  • Deep familiarity with standard Internet protocols (Ethernet, ARP, IP, ICMP, UDP, TCP, SSL, DNS, HTTP, etc.)
  • Experience with security best practices in server configuration, tool development, and access controls
  • Experience using, administrating, and deploying a variety of operating systems (esp Linux or other UNIX variants), preferably in a data center environment
  • Experience with Linux operating system development (at the kernel or device driver level) and virtualization technologies
  • Strong knowledge of data structures, algorithms, and designing for performance, scalability, and availability
  • Strong knowledge of web protocols and an in-depth knowledge of Linux/Unix tools and architecture
  • Security related certifications such as OSCP, CISSP, RHCSA, CompTIA Security+ Linux+, GIAC, GCIH, GCFA, GCIA, GPEN, GNFA, GCUX, CEH
  • Experience with TCP/IP, packet analysis, iptables
  • Data analysis skills using SQL, big data technologies (Hadoop/Pig/Hive/EMR), or scripting