Security Incident Response Engineer

Join the Amazon Web Services (AWS) team as a passionate Security Incident Response Engineer. In this role, you will take the lead in responding to security issues across the world's largest cloud provider. You will work effectively in dynamic and ambiguous situations, employing a dual mindset of both an attacker and defender, while managing the entire incident response lifecycle. Your responsibilities will involve conducting security monitoring and response activities for Amazon's internal network, enhancing our security posture. We value a broad and deep technical knowledge base, particularly in operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, and emerging security intelligence. While you don't need to be an expert in every area, a strong desire to learn and grow in these domains is essential. You will utilize your creative and critical problem-solving skills to design and build automation tools that operate at massive scale, addressing complex security challenges. A genuine passion for information security, a keen understanding of the threat landscape, and a drive for security automation and tooling will make you a perfect fit. At Amazon Security, we celebrate diverse experiences and encourage candidates from unique backgrounds to apply, even if they do not meet all the qualifications listed. Security is at the heart of Amazon's commitment to customer trust and satisfaction, and you'll have the opportunity to grow your career across various sectors including cloud, devices, retail, and more. We place a high value on inclusivity and continuous learning. Our team actively engages in ongoing diversity, equity, and inclusion (DEI) initiatives to foster a supportive environment. Additionally, we are committed to work-life balance with flexible schedules to ensure your success both at work and at home. Basic Qualifications: Bachelor's degree in computer science or equivalent. 5+ years of demonstrated experience focused on systems, network, and/or application security. 3+ years of experience on a Security Operations team coordinating responses to security incidents. Proficiency in at least one high-level programming or scripting language. Preferred Qualifications: 3+ years of experience in detection engineering supporting incident response and threat intel operations. 5+ years in incident response, security automation tooling, threat intelligence, or forensics. Experience with Amazon Web Services. Proficiency in at least one of the following domains: Malware Analysis, Digital Forensics, Security Tool Development, Programming/Scripting, Network & OS Security, Identity Management. Amazon is an equal opportunity employer and does not discriminate based on protected veteran status, disability, or other legally protected statuses. If you require workplace accommodations during the application and hiring process, please notify our Recruiting Partner. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest market. Compensation may vary depending on job-related knowledge and experience. This position will remain posted until filled. Applicants should apply via our internal or external career site.