Amazon

Returning Candidate?

Security Operations Engineer, AWS - Herndon, VA

Security Operations Engineer, AWS - Herndon, VA

Job ID 
567055
Location 
US-VA-Herndon
Posted Date 
10/9/2017
Company 
Amazon Web Services, Inc.
Position Category 
Systems, Quality, & Security Engineering
Recruiting Team 
..

Job Description

Amazon Web Services (AWS) is the largest Cloud provider in the world and our security teams work some of the most challenging and interesting problems to effectively mitigate large-scale threats. Incident response at this level is a high-judgment and fast-paced environment. The dynamic nature of AWS technologies, the visibility of the brands running on our platforms and the complexity of issues result in a potent combination of challenges that require intelligence, flexibility, tenacity, and creativity to be successful.

The Security Operations Team is the incident response team for AWS. We are looking for a seasoned Security Engineer with deep technical skills and problem-solving abilities to take on a leadership role in addressing security issues. We are looking for an individual who has the passion for engineering solutions to complex security challenges, can recognize gaps in capabilities, fill them in a rapid manner, and quickly design and build internal-facing tools that enable scaled programmatic automation.

This position requires a person who can proactively identify security flaws and vulnerabilities, and can think both like an attacker and defender. The successful candidate will be required to identify which issues really do and do not matter, exercise risk-based judgment, and to push teams to make the right security decisions and priorities. The successful candidate will have a good mix of deep technical knowledge and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of cryptography, network security, malware analysis, forensics, security operations, incident response, and/or threat intelligence.

An ideal candidate should be able to accomplish most of the following:
  • Aggressively and intelligently respond to security incidents and proactively consider how to prevent the same type of incidents from occurring in the future.
  • Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
  • Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale.
  • Evaluate the impact to the organization of current security trends, advisories, publications, and academic research.
  • Coordinate responses as necessary across affected teams to do the right thing for our customers and our organization.
  • Communicate effectively at multiple levels of sensitivity, and multiple audiences.
  • Recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, and security intelligence.
  • Provide subject matter expertise on architecture, authentication and system security.
  • Provide mentorship to less-senior engineers.
  • Conduct sophisticated security reviews - from high level web application architecture to OS level parameters in order to meet security goals.
  • Fulfill periodic on-call responsibilities.

Basic Qualifications


  • BS degree in Computer Science, Computer Engineering, Electrical Engineering, or 5+ years’ equivalent technology experience.
  • 5 years’ demonstrated experience with focus in areas such as systems, network, and/or application security.
  • Strong demonstrated knowledge of web protocols and an in-depth knowledge of Linux/Unix tools and architecture.
  • Comprehension of algorithms and processes for programmatic automation via scripting or programming languages (Python, Ruby, Shell, Perl, C/C++, Java, etc.).

Preferred Qualifications

  • MS degree in Computer Science, Computer Engineering, Electrical Engineering, or 8+ years’ equivalent technology experience.
  • Well-rounded background in host, network and application security.
  • Ability to prioritize multiple tasks and projects in a dynamic environment.
  • Effective written and oral communication with multiple levels of leadership involving both business and technical sides of the business.
  • Previous experience on a Security Operations team, or experience, coordinating responses to security incidents.
  • Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
  • Extensive knowledge of internet security issues and threat landscape.
  • Experience with virtualization technologies, familiarity with AWS services is highly valued in particular.
Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.