SecurityEngineer

Amazon Web Services (AWS) is the leading cloud service provider, providing virtualised infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises to large government customers, run their operations and applications on AWS’ highly secure infrastructure. AWS Security is looking for a Security Systems Engineer to play a pivotal role in ensuring the security and integrity of our systems and infrastructure. You will work closely with our security team to implement and maintain robust security measures that adhere to Australian Government security requirements, including the Protective Security Policy Framework (PSPF) and the Information Security Manual (ISM). Key job responsibilities • Performing security event monitoring, incident management and response. • Develop, tune, and maintain SIEM detections, dashboards, and correlation rules • Conduct proactive threat hunting and analysis to identify suspicious behaviour • Investigate, respond and be the escalation point for security alerts and incidents • Support the integration and optimisation of security data sources within SIEM platforms • Contribute to continuous improvement of SOC processes and automation initiatives including authoring SOC SOP’s and runbooks. • Apply frameworks such as MITRE ATT&CK and NIST in concert with the ISM and PSPF to guide security operations. • Perform on-call duties as required, out of business hours. Hold or be able to attain an Australian Government Security Vetting Agency clearance (see https://www1.defence.gov.au/security/clearances) A day in the life A typical day for a Security Engineer may involve Responding to new detections: Monitor security alerts in real-time, investigate suspicious activities by analysing logs and network traffic, determine if incidents are legitimate threats or false positives, and coordinate i