Sr. Security Intelligence Engineer , Threat Intelligence for Global Enterprise Response
About the role
The Threat Intelligence for Global Enterprise Response (TIGER) team, part of Amazon Cyber Threat Intelligence (ACTI), is responsible for developing actionable intelligence on advanced cyber threats to Amazon employees and company assets. We obtain indicators and other intelligence from a variety of internal and external sources and use that information to develop an understanding of sophisticated actors and their tools, techniques, and procedures (TTPs). Our intelligence supports incident response teams, red teams, detections teams and teams working to prevent financial loss to the company. We leverage that understanding to proactively identify and mitigate malicious activity.
Responsibilities
- Draft and publish finished written threat intelligence products based on findings.
- Analyze large and unstructured data sets to discover new threats, uncover trends, and identify anomalies indicative of malicious activities.
- Perform deep dive analysis of malicious artifacts.
- Create security techniques and automation for internal use that enable you and others to operate at high speed and broad scale.
- Contribute to Amazon's understanding of the current threat landscape and the techniques, tactics, and procedures associated with specific threats.
- Periodic on-call responsibilities.
Requirements
- Bachelor's degree in Computer Science or a related field
- 5+ years of any combination of the following: application security frameworks, identity and access controls, incident response, mobile security, cloud computing and security, AI security, threat intelligence, and penetration testing experience
- Experience that includes strong analytical skills, attention to detail, and effective communication abilities
- Extensive experience tracking sophisticated cyber threat groups (5+ years)
Qualifications
- Master's degree in Computer Science or a related field
- Strong understanding of Windows, Linux, and/or OS X internals
- Experience with malware analysis, network flow analysis, and large scale data analysis
- Experience with modern threat intelligence platforms (TIPs), especially the Vertex Project's Synapse, and their APIs
- Experience building and conducting analysis leveraging AWS services
- Experience building automated tools in the Python programming language
Skills
- Strong analytical skills
- Attention to detail
- Effective communication abilities
Benefits
- Comprehensive benefits including health insurance, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage
- 401(k) matching
- Paid time off
- Parental leave
Pay
Base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location.
USA, TX, Austin - $178,400.00 - $226,700.00 USD annually
USA, VA, Arlington - $178,400.00 - $226,700.00 USD annually
USA, VA, Herndon - $178,400.00 - $226,700.00 USD annually
USA, WA, Seattle - $178,400.00 - $226,700.00 USD annually
Schedule
This position involves on-call responsibilities, typically for one week every two months. We don’t like getting paged in the middle of the night or on the weekend, so we work to ensure that our systems are fault tolerant. When we do get paged, we work together to resolve the root cause so that we don’t get paged for the same issue twice.