Data Security/ Compliance

Senior Security Engineer

  • Amazon
  • Dublin, Ireland, Europe
  • October 02, 2021
Security Engineer Systems Quality Security Engineering

The Role: As a Security Engineer you will help ensure our applications and services are designed and implemented to the highest standards. If you enjoy analyzing the security of applications and services, discovering and addressing security issues and quickly reacting to new threat scenarios, this position will provide you with a challenging opportunity. You will participate in security audits, risk analysis, vulnerability testing and security reviews across all elements of this project's software systems.

This role will draw on multiple disciplines:

  • Security Engineering: emphasis on operating systems and networking, foundational Internet services, modern exploitation techniques, and hacking tools.
  • Data Science and Intelligence Analysis: emphasis on detecting anomalies in large unstructured data sets, ability to synthesize data and reports from different sources, make logical inferences about that data, and publish results.
  • Software Development: ability to develop your own small tools and scripts to aid in data processing or other aspects of an investigation.
  • You will tackle challenging, novel situations every day and given the size of this initiative, you’ll have the opportunity to work with multiple technical teams at Amazon in different locations.
  • You should be comfortable with a high degree of ambiguity and relish the idea of solving problems that haven’t been solved at scale before.
  • Along the way, we guarantee that you’ll learn a ton, have fun and make a positive impact on millions of people.

BASIC QUALIFICATIONS

  • Bachelor’s degree in Computer Science or related field.
  • 6+ years of experience in Security Operations performing MDIR (monitoring, detection, interpretation, and response) and threat hunting.
  • 5+ years of experience in writing run books and standard operating procedures.
  • 5+ years of experience in running vulnerability scans, reviewing vulnerability assessment reports, and performing vulnerability mitigation.
  • 4+ years of experience in managing and configuring security monitoring tools (netflows, IDS, correlation rules, etc.).
  • 4+ years of experience in security engineering and network technologies (PCAP, Netflow), operating systems, network security, common attack patterns, and exploitation techniques.
  • Practical knowledge of system security analysis techniques such as threat modeling, attack graphs, etc.
  • Ability to develop small tools and scripts (Python, Ruby, Java, etc.)
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
  • Excellent written and verbal communication skills.

PREFERRED QUALIFICATIONS

  • Security certifications (CISSP, GCIA GCIH, GCFA, GCFE, etc.)
  • Master’s or PhD in Computer Science or related field.
  • Ability to write fully functional exploits for common vulnerabilities such as simple stack overflow, cross-site scripting, or SQL injection.
  • Experience in using standard security assessment and penetration testing tools such as BurpSuite, Metasploit, and IDA Pro.
  • Data Science techniques such as clustering, anomaly detection, and machine learning leveraging data analysis tools such as OSSEC, Splunk,
  • Behavioral Analytics, SQL, R, or MatLab
  • Experience with risk management.
  • Deep understanding of using threat intelligence.
  • Knowledge in performing digital forensics.
  • Experience in cloud security.
  • Knowledge of technical security issues facing large multinational companies.
Apply
Related News