SecurityEngineer,AWSSecurityIncidentResponse

AWS Security Incident Response is looking for technical Security Engineers that are passionate about learning new concepts and work well within a team environment to keep customers secure. We value engineers that can work through ambiguity to identify suspicious activity, lead security response, and can explain technical security concepts to non-technical audiences. Key job responsibilities - Hold or be able to attain an Australian Government Security Vetting Agency clearance (see https://www1.defence.gov.au/security/clearances) - Respond to threat findings that indicate unauthorized activity has occurred - Identify and recommend solutions that improve or expand AWS SIR capabilities, security automation. - Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future. - Working alongside and mentoring information security engineers to improve security, reduce and quickly address risk. - Identify, evaluate and communicate security threats, risks and vulnerabilities, and propose recommended remediation for security issues. - Track and report on the effectiveness of AWS detective controls such as Amazon GuardDuty and partner products such as CrowdStrike Falcon or Wiz Defend - Develop processes and policies to increase security response effectiveness. - On-call support: This role requires periodic on-call responsibilities including weekends. A day in the life As a Security Engineer in AWS Security Incident Response, your responsibilities include monitoring networks and systems for potential threats, performing triage for security alerts, documenting suspicious activity, and reporting issues so they can be adequately handled. You will work alongside our security engineers and partner teams to perform daily threat detection and incident response, using the full capability of AWS technologies and services to detect and mitigate cyber threats at a massive scale