Amazon

Security Engineer, Threat Detection and Response

Amazon, Seattle, Washington, US, 98127

Are you committed to safeguarding Amazon's customers from the latest cyber threats? Join our dynamic team dedicated to creating innovative detection capabilities that protect against sophisticated attacks at a massive scale. As a Security Engineer on the Threat Discovery and Detection (TD2) team within Customer Service Security, you will play a critical role in developing and implementing advanced threat detection mechanisms to enhance Amazon's customer service operations.

In this role, you will:

- Design, implement, and optimize detection rules and systems to monitor and analyze security-related activities throughout our infrastructure.
- Develop scalable detection solutions that prioritize proactive threat identification, behavioral analysis, and risk mitigation.
- Collaborate with data engineers, data scientists, and incident responders to translate security requirements into actionable detection capabilities.
- Utilize cutting-edge security platforms and AWS services to create robust detection frameworks that shield our customers and systems from evolving security risks.

A typical day will involve:

- Creating and implementing detection logic that identifies sophisticated attack patterns and anomalous behaviors.
- Researching and analyzing emerging attack patterns to improve detection capabilities.
- Collaborating with data teams to enhance the effectiveness of detection systems.
- Presenting detection strategies to stakeholders, incorporating their feedback into your implementations.
- Troubleshooting detection accuracy issues and fine-tuning rules to minimize false positives.

The TD2 team is vital to the Customer Service Security organization, focusing on protecting Amazon customer data and ensuring operational integrity through advanced detection techniques and continuous monitoring. We develop innovative solutions to identify internal threats impacting Customer Service and build a robust multi-layered defense strategy. We're looking to expand our detection coverage, implement machine learning-based detection capabilities, and enhance our real-time threat identification abilities.

Qualifications:

Basic Qualifications:

- Bachelor's degree in Computer Science, Cybersecurity, or a related technical field.
- 1+ years of experience in security engineering or a related field.
- Strong programming skills in SQL, Python, Java, or similar languages.

Preferred Qualifications:

- Master's degree in Computer Science, Cybersecurity, or a related technical field.
- Familiarity with threat hunting and incident response processes.
- Experience with cloud technologies (AWS preferred, Azure, Google Cloud, etc.).
- Experience with SIEM platforms and security monitoring tools.
- Understanding of the MITRE ATT&CK framework and attack methodologies.
- Expertise in developing and implementing detection rules and logic.

This position is located at Amazon.com Services LLC. Our compensation reflects the cost of labor across several US geographic markets and will vary based on factors such as market location and job-related knowledge, skills, and experience.