Security Operations Analyst, Security Cloud Response

Job summaryThe AWS Cloud Response Team is responsible for the security and availability of AWS Cloud services. Our primary focus is to ensure the security of our cloud products and continuously raise the security bar for our customers. This role requires Security Analysts to work with internal stakeholders to solve security challenges at massive scale, and to think strategically to develop and implement changes to drive automation, scalability, and continuous improvements across the organization.We’re looking for talented IT and/or project management-savvy professionals with a passion for security who thrive in high pressure environments to help us continue to raise the security bar for cloud computing.This role will be located in Herndon, VASuccessful candidates should:

• be able to understand technical vs. business risks and consistently drive internal engineering teams to take the correct actions to mitigate risks in a timely manner.
• actively seek areas of opportunity to improve the Security Incident Handling Lifecycle, saving time/effort while continuously delivering higher-quality outcomes for the security of AWS customers.
• demonstrate a mix of both broad and deep process and/or technical knowledge.
• be passionate and knowledgeable in the fields of process improvement, risk assessment, network and operating system security, software security, and security operations.
• possess a combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include small-project and software development work.
• be comfortable exemplifying the Amazonian Leadership Principle of "Deliver Results" and "Bias for Action", challenging decisions and escalating when appropriate.

Key job responsibilities

• Manage security issues and engage with partner security teams and internal service teams to ensure timely remediation of issues, escalating as necessary to ensure appropriate levels of urgency and engagement.
• Participate in efforts to promote security throughout the Company and build good working relationships within the team and with others across Amazon.
• Demonstrate high capacity and tolerance for extreme context switching and interruptions while remaining productive and effective.
• Proactive knowledge-sharing within the team and across the company.

A day in the lifeIn the morning you will take handover from the previous site and be delegated ownership of various security issues presently in-flight. These issues could relate to any of our 200+ products, so you will often need to learn on the go.You will engage various stakeholders, such as the internal service team who actually needs to fix the issue, along with AWS Security Leadership, Legal, and the leadership from the impacted service team.At the end of the day, you will document all the issues you are tracking so they can be taken over by the site relieving you.About the teamOur team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded security champion and enable them to take on more complex and higher-risk tasks in the future.Our team also puts a high value on work-life harmony. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work. Our global on-call rotation ensures issues are handled 24x7 without the need to interrupt typical sleep schedules.

Basic Qualifications

· BS degree in Information Technology, Information Security, Computer Science, Computer Engineering, Electrical Engineering, or 2+ years equivalent technology experience.· 2+ years of demonstrated experience with a focus in areas such as systems, network, and/or application security/audit, cyber security.

Preferred Qualifications

· 2+ years of experience in fields such a Security Operations, technology audit, or security vulnerability lifecycle.· Design and coordinate cohesive responses to security events that involve multiple teams across an organization.· Confidently and intelligently respond to security incidents, and programmatically prevent the same type of incidents from occurring in the future.· Ability to prioritize multiple tasks and projects.· Have a passion to learn and thrive in a dynamic and constantly changing environment.· Experience with virtualization technologies, especially with AWS services.· Relevant industry certifications such as CISSP, GIAC, ISC2, CompTia, etc.· Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.· Demonstrated knowledge of web protocols, common attacks, and working knowledge of Linux/Unix tools and architecture.· Understanding of best practices across multiple security disciplines/domains.· Demonstrated ability to work autonomously with a Bias for Action, critical and creative thinking.· Demonstrated ability to collaborate, develop partnerships, and work effectively as a member of a global, inclusive team.· Meets/exceeds Amazon’s Leadership Principle requirements for this role.· Meets/exceeds Amazon’s functional/technical depth and complexity for this role.Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.