Security Engineer , Threat Hunting

Job summaryAmazon is seeking to a qualified Security Engineer to join our innovative, high energy Threat Hunting team and work within the Amazon Security Incident Response Team (SIRT) in Sydney.Threat Hunting plays a crucial role in a modern Information Security organization, detecting and defending against attacks in an every-changing threat landscape requires creativity and ingenuity. This role is behind the keyboard for the hunt, helping to root out known and unknown malicious activities from the environment using a variety of dynamic methods, tools, and procedures.Creativity and curiosity are imperative in this role in order to think like and find adversaries, and investments are made into Threat Hunters to ensure they have the skills, training and tools to do so. Key responsibilities include:. Identifying, researching, and prioritizing threats and threat actors for hunting within Amazon’s network.Developing, maintaining, and improving hunting techniques, procedures, and tooling..Crafting Threat Hunting reports (methodologies and findings) that can be used to inform improvements .in security posture and the development of new detection mechanisms..Produce intelligence about adversaries and attacks that could impact Amazon.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, disability, age, or other legally protected status.For up to date news covering diversity and inclusion, sustainability and community engagement, please visit: https://www.aboutamazon.com.au/About the teamOur technology team operates from our fabulous offices in Sydney, Brisbane and Melbourne and from home (during COVID-19) leveraging technology.We embrace our differences. We are committed to furthering our culture of inclusion. We encourage team members to seek diverse perspectives, learn and be curious, and think big about solutions to the problems we are solving.It isn’t about which hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We offer flexibility and encourage you to find your own balance between your work and personal lives.

Basic Qualifications

· BS in Computer Science, Information Security, or equivalent professional experience.· 3+ years of information security experience, preferably in intrusion detection and response, threat hunting, or red/purple teams.· Advanced knowledge of network, system, and web application attacks and mitigations.· Deep understanding of adversary techniques and the signals they generate.· Expertise in tools and techniques for analyzing large sets of data· Strong verbal and written communication skills.· Experience developing software automation solutions.. Ability to work with a high degree of autonomy.. Scripting skills (E.g: Python, Perl, Bash, PowerShell, etc.).

Preferred Qualifications

· Relevant industry certifications which demonstrate intimate familiarity with the cyber-attack lifecycle (e.g. GMON, GDAT, GCIH, GCFA, GREM, OSCP).· 3+ years’ experience creating, analyzing and responding to security alerts from large scale, complex networks.· Experience leveraging data science/machine learning techniques to detect anomalous security events.· Experience with Amazon Web Services.