Sr. Security Engineer - Incident Response, Consumer Logistics Security

Job summaryConsumer Logistics Security is seeking a Senior Security Engineer, to focus on Incident Response, who will build, test, deploy, and maintain scalable cybersecurity response processes and technology focused on the unique threats faced by Amazon's Worldwide Fulfillment Operations. The engineer will ensure that the company is prepared to respond effectively to cybersecurity events and that the appropriate processes, procedures and communication plans are maintained and tested periodically.Key Responsibilities:• Develop incident response framework for detections and alerts to response appropriately and timely to risks in our fulfillment centers• Learn about the operations business functions and how systems and software enable customer fulfillment to understand the threats they face • Analyze logging and alerting infrastructure to ensure appropriate coverage and capability • Coordinate with the global incident response organization to improve response and risk mitigation capabilities to streamline response and improve MTTR• Clearly identify the decision-makers and various roles and functions during a security incident and organize workflows and leverage security orchestration, automation, and response tools, when appropriate• Engage with executive stakeholders to ensure that business needs and expectations are understood and met • Confirm and test the business’s capability to detect, respond, recover and restore business operations during a security incident • Develop and report performance metrics that demonstrate readiness, business impact and risk reduction • Periodically evaluate existing systems and capabilities to ensure continued effectiveness

Basic Qualifications

· 5+ years of industry, academic, or military security engineering experience, including previous work in incident response and threat hunting· Experience developing Incident Response programs and platforms which leverage SIEM and SOAR technologies to scale· Experience developing security telemetry bus solutions for efficient and organized data onboarding.· Experience influencing without authority, dealing with ambiguity, and establishing clear priority and strategy· Experience thinking and communicating clearly and effectively during a security event· Hands-on experience with network and endpoint security monitoring solutions (e.g. Deep Packet Inspection, IDS , EDR, etc.), SIEM, and Security Orchestration Automation and Response (SOAR) tools

Preferred Qualifications

· 7+ years of total security engineering experience, including previous work in incident response and threat hunting in large enterprise environments· Familiarity with operational technology, industrial control or other cyber-physical systems· Experience in AWS and hybrid on-premise/cloud environments· Experience using version control and a CI/CD pipeline· Experience mentoring, developing, or training colleaguesAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/usAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.