Returning Candidate?

Incident Response Engineer

Incident Response Engineer

Job ID 
Posted Date 
Amazon Support Services Australia Pty Ltd
Position Category 
Systems, Quality, & Security Engineering
Recruiting Team 

Job Description

Amazon is seeking experienced Incident Response Engineers to join our Incident Response team and work within our global Security Operations Center. Join the team who work tirelessly responding to emerging security threats impacting Amazon and our customers. You are obsessed with customer trust and keep your composure in high-pressure situations. You will be solving security challenges at scale and working to protect the applications powering the most sophisticated e-commerce platform ever built.

The Incident Response Team is responsible for providing reliable and trusted incident coordination through efficient, systematic and precise response to dynamic threats impacting Amazon’s global enterprise and production environments. We are the last line of defence in protecting company and customer data.

  • Responding to information security incidents, including internal and targeted threats
  • Working directly with Amazon Information Security Professionals and tier one service owners to provide security engineering solutions and support during customer-facing incidents
  • Creating and maintaining incident documentation, participating in post-mortem incident analysis and writing incident reports
  • Participating in internal and external training to strengthen and mature Amazon's incident response capability and security posture
  • Providing technical guidance, leadership and assistance to Amazon Security Analysts and engineers, helping to mentor and develop first-tier security engineering personnel
  • Evangelizing security within Amazon and being an advocate for Customer Trust
  • Ability to work in a “follow the sun” rotation across and including weekends and holidays

Basic Qualifications

  • MS in Computer Science, Information Security, or equivalent professional experience
  • At least four years of system security, network, and/or application security experience
  • Strong technical knowledge in security engineering, system and network security, authentication and security protocols
  • Proficient in application security, computer forensics and malware analysis
  • Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
  • Excellent written and verbal communication skills

Preferred Qualifications

  • Experience with common IDS/IPS, networking monitoring, log analysis and forensic tools
  • Strong scripting skills in at least one of the following: Perl, Python, Ruby, or shell.
  • Experience working as part of a Computer Security Incident Response Team (CSIRT) or Product Security Incident Response Team (PSIRT)