Senior Security Intelligence Engineer, Incident Response Threat Intelligence, ACTI

Amazon

New York (NY)

On-site

USD 143,000 - 248,000

Full time

30+ days ago

Job summary

An established industry player is seeking a Senior Security Intelligence Engineer to join their dynamic team focused on cyber threat intelligence. In this pivotal role, you will analyze advanced cyber threats, develop actionable intelligence, and enhance incident response capabilities. Your expertise in scripting, data analysis, and digital forensics will be crucial in identifying and mitigating malicious activities. This innovative firm offers a collaborative environment where your contributions will significantly impact the security landscape. If you are passionate about cybersecurity and eager to make a difference, this opportunity is perfect for you.

Benefits

Medical Benefits
Financial Benefits
Equity Options
Sign-on Payments
Workplace Accommodations

Qualifications

  • 5+ years of experience in cyber threat analysis and digital forensics.
  • Strong scripting skills in Python and experience with SQL.

Responsibilities

  • Analyze malicious artifacts and large data sets to identify threats.
  • Create security techniques and automation for internal use.

Skills

Cyber Threat Analysis
Data Analysis
Scripting and Automation (Python)
Digital Forensics
Network Security
Application Security
SQL
Incident Response

Education

BS in Computer Science or related field
MS in Computer Science or related field

Tools

AWS Services
Threat Intelligence Platforms
Malware Analysis Tools

Job description

Job ID: 2938328 | Amazon.com Services LLC

We are open to hiring candidates to work out of one of the following locations:
Annapolis Junction, MD, USA | Arlington, VA, USA | Austin, TX, USA | Herndon, VA, USA | New York, NY, USA | Seattle, WA, USA

The Threat Intelligence for Global Enterprise Response (TIGER) team, part of Amazon Cyber Threat Intelligence (ACTI), is responsible for developing actionable intelligence on advanced cyber threats to Amazon employees and company assets. Our intelligence supports incident response teams, red teams, detections teams and teams working to prevent financial loss to the company. We obtain indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of sophisticated actors and their tools, techniques, and procedures. We then leverage that understanding to proactively identify and mitigate malicious activity.

The successful candidate will analyze indicators to generate actionable intelligence and insight into current threats. As a Security Intelligence Engineer, you will help enhance our capabilities by formulating new analytic techniques and working across teams to drive the supporting capabilities. A deep understanding of current cyber threat actors and TTPs as well as experience performing question-driven analysis is required. You will also leverage your understanding of networking- and host-based indicators, digital forensics, and database querying as you investigate incidents and threats.

This position requires that the candidate selected be a US Citizen.

Key job responsibilities
  1. Perform deep dive analysis of malicious artifacts.
  2. Analyze large and unstructured data sets to discover new threats, uncover trends, and identify anomalies indicative of malicious activities.
  3. Create security techniques and automation for internal use that enable you and others to operate at high speed and broad scale.
  4. Contribute to Amazon's understanding of the current threat landscape and the techniques, tactics, and procedures associated with specific threats.
  5. Draft and publish finished written threat intelligence products based on findings.
  6. Periodic on-call responsibilities.

BASIC QUALIFICATIONS
  • BS degree in Computer Science, Management of Information Systems (MIS), Computer Engineering, or similar degree, or 5+ years equivalent technology experience without a degree
  • 5 years experience with tracking high-sophistication cyber threat groups
  • 5 years experience across system security, network security, application security, and/or digital forensics
  • 2 years experience building scripting and automation using Python or similar programming languages
  • 2 years experience with SQL or other relational database query languages

PREFERRED QUALIFICATIONS
  • MS degree in Computer Science, Management of Information Systems (MIS), Computer Engineering, or similar degree.
  • Strong understanding of Windows, Linux, and/or OS X internals
  • Experience with malware analysis, network flow analysis, and large scale data analysis
  • Experience with modern threat intelligence platforms (TIPs), especially the Vertex Project's Synapse, and their APIs
  • Experience building and conducting analysis leveraging AWS services
  • Experience building automated tools in the Python programming language

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit accommodations for more information.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit employee benefits.
