SecurityIntelligenceEngineer

We are open to hiring candidates to work out of one of the following locations: Annapolis Junction, MD, USA | Arlington, VA, USA | Austin, TX, USA | Herndon, VA, USA | New York, NY, USA | Seattle, WA, USA The Threat Intelligence for Global Enterprise Response (TIGER) team, part of Amazon Cyber Threat Intelligence (ACTI), is responsible for developing actionable intelligence on advanced cyber threats to Amazon employees and company assets. Our intelligence supports incident response teams, red teams, detections teams and teams working to prevent financial loss to the company. We obtain indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of sophisticated actors and their tools, techniques, and procedures. We then leverage that understanding to proactively identify and mitigate malicious activity. This position requires that the candidate selected be a US Citizen. The successful candidate will analyze indicators to generate actionable intelligence and insight into current threats. As a Security Intelligence Engineer, you will help enhance our capabilities by formulating new analytic techniques and working across teams to drive the supporting capabilities. A deep understanding of current cyber threat actors and TTPs as well as experience performing question-driven analysis is required. You will leverage your understanding of networking- and host-based indicators, digital forensics, and database querying as you investigate incidents and threats as well. Key job responsibilities - Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities. - Create security techniques and automation for internal use that enable you to operate at high speed and broad scale. - Contribute to Amazon's understanding of the current threat landscape and the techniques, tactics, and procedures associated with specific threats. - Perform deep dive analysis of malicious art