Amazon.com Services LLC
Security
Senior Incident Response Engineer, Devices & Services Security
“Senior Incident Response Engineer, Devices & Services Security at Amazon.com Services LLC. Skills: Incident response, Security engineering, Detection engineering. Investigate security incidents. Respond to security incidents”
What You'll Achieve.
Reduce or eliminate risk; Improve security for Amazon products; Improve security for Amazon services
Industry & Context.
Problem-solvers; Investigative instincts; Troubleshooting
On-call rotation
What They're Looking For.
Must Have
5+ years cybersecurity experience, Incident response experience, Detection engineering experience, Security operations experience, Working knowledge of AWS, Working knowledge of WAF, Working knowledge of EDR/XDR tools, Working knowledge of network telemetry, Working knowledge of log analysis, Practical knowledge of attacker TTPs, Experience leveraging MITRE ATT&CK, Interpersonal skills, Communication skills, Proficiency with scripting, Proficiency with automation
Nice to Have
Proficiency with SIEM platform, Writing SIEM searches, Creating SIEM alerts, Analyzing SIEM log data, Forensic techniques, Threat hunting techniques, Identify adversary behavior, Detect anomalies, Analyze malware, Experience in large enterprise environments, Supporting multiple business lines, Experience securing distributed systems, Responding to incidents in distributed systems, Experience with cloud-native architectures, Experience with service-oriented environments, Experience with IoT device security, Experience with embedded systems forensics
What You'll Do.
Investigate security incidents
Respond to security incidents
Drive effective response
Act as incident responder
Act as incident commander
Coordinate technical response
Keep stakeholders informed
Conduct post-mortem analysis
Identify security improvement opportunities
Consult with builder teams
Ensure security designed into products
Collaborate with stakeholders
Execute incident response
Respond to detections
Develop prevention capabilities
Develop detection capabilities
Develop response capabilities
Increase capability through automation
Increase efficiency through automation
Increase signal quality using AI/ML
Assist in runbook development
Assist in playbook tuning
Drive process improvements
Coordinate response efforts
Maintain WAF products
Protect services from abuse
Extract information from logs
Extract information from databases
Extract information from services
Spearhead incident response
Drive decision-making
Conduct impact assessments
Implement containment strategies
Develop durable solutions
Proactively hunt threats
Create new detection mechanisms
Consult on security for new product designs
Identify hidden vulnerabilities
How You'll Work.
Team & Collaboration
Cross-functional teams; Global Amazon Security team; Other Incident Response teams
Communication Scope
Clear communication; Stakeholder communication
Process & Methodology
Runbook development, Playbook tuning