Job Description

DESCRIPTION Amazon is seeking highly motivated Security Engineers to join our world-class Amazon Security organization and work within the investigations function of our Internal Threat Reduction team to help protect Amazon from insider attacks. This role is responsible for leading end-to-end insider threat and forensics investigations across Amazon Stores organization and will have the opportunities to research and innovate engineering solutions to improve investigative operations. As part of the Investigations team, you will also participate in building large scale, customized tools that enable you and the team to rapidly investigate, proactively detect, and increase collaboration across partner teams. A Security Engineer at Amazon is expected to be strong in multiple domains. Engineers in this role work closely with teams throughout Amazon Security, such as Incident Response, Threat Intelligence, and Legal teams, and provide technical leadership and advice to our customers and partners throughout Amazon. Engineers in this role must demonstrate resilience and navigate difficult situations with composure and tact. This role will be expected to provide thought leadership for the organization as you invent and innovate in the course of their duties. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Amazon and its customers secure. Key job responsibilities - Serve as a primary insider threat and forensics investigator, using an array to tools and capabilities to investigate internal threat cases. - Provide subject matter expertise in all aspects of insider threat and forensics investigations. - Provide analytical and operational support to internal risk investigations, mitigation, and program objectives. - Participate in on-call rotation and lead large-scale incidents requiring parallel investigations, executive communications, reports, and after-action analysis across a global scale. - Communicating effectively with varying audiences at multiple levels of sensitivity, often including legal, human resources, business leaders, and partner information technology and information security teams. - Keeping your knowledge and skills current with the rapidly changing threat landscape. Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon. BASIC QUALIFICATIONS - BS in Computer Science or related field, or equivalent work experience. - 3+ years of demonstrated experience in an Information Security or Investigative role, preferably in digital forensics, incident response, internal threat (aka insider threat) investigations, or a technical engineering role. - 1+ years of hands-on experience working in a SOC or operational environment, with understanding of all phases of a typical incident response process. - Advanced knowledge and understanding of key security engineering fields, such as host-based forensics, network forensics, mobile/IoT forensics, OSINT, security control validation and defense, log analysis and DLP/SIEM/EDR. - Effective written and verbal communication skills to communicate security and business risk to a broad range of technical and non-technical audiences. PREFERRED QUALIFICATIONS - Experience using open-source and/or commercial forensics tools such as Magnet Axiom, Nuix, Cellebrite Digital Collector and Digital Inspector. - Advanced knowledge and understanding of anti-forensics techniques. - Relevant industry certifications or training which demonstrate intimate familiarity with the forensics investigations or insider threat discipline (e.g., CFCE, GCFE, GASF, GIME, GCFA, GNFA or CERT, CCITP, NITTF). - Experience with digital forensics as part of legal proceedings (e.g., evidence handling, affidavits, testimony). - Ability to make concrete progress in the face of ambiguity and imperfect knowledge. - Experience with AWS cloud solutions for automation development. - Coding proficiency in Python, Go, or similar language. Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need an adjustment during the application and hiring process, including support for the interview or onboarding process, please contact the Applicant-Candidate Accommodation Team (ACAT), Monday through Friday from 7:00 am GMT - 4:00 pm GMT. If calling directly from the United Kingdom, please dial +44 800 086 9884 (tel:+448000869884). If calling from Ireland, please dial +353 1800 851 489 (tel:+3531800851489).