DESCRIPTION

Job summary
Job summary
The Team: Go is a new kind of store with no lines and no checkout—you just grab and go! Customers simply use the Amazon Go app to enter the store, take what they want from our selection of fresh, delicious meals and grocery essentials, and go!

Our checkout-free shopping experience is made possible by our Just Walk Out Technology, which automatically detects when products are taken from or returned to the shelves and keeps track of them in a virtual cart. When you are done shopping, you can just leave the store. Shortly after, we will charge your Amazon account and send you a receipt. Check it out at amazon.com/go. Designed and custom-built by Amazonians, our Just Walk Out Technology uses a variety of technologies including computer vision, sensor fusion, and advanced machine learning. Innovation is part of our DNA! Our goal is to be Earths’ most customer centric company, and we are just getting started. We need people who want to join an ambitious program that continues to push the state of the art in computer vision, machine learning, distributed systems and hardware design.

The Role:

The Security Engineer is responsible for MDIR (monitoring, detection, interpretation and response), including preparation, documentation, managing the Incident Response process end to end, and coordinating with teammates and other teams. Additional duties include security technology management and design, boundary and network defense, endpoint defense, vulnerability remediation, and threat hunting. The Security Engineer is also responsible for providing technical analysis and remediation of assets on the network during active incident response engagements. The Security Engineer must be able to provide forensic collection and analysis of infrastructure device logging information, as well as use threat hunting tooling during active incident response engagements. The Security Engineer is also tasked with vulnerability scanning and penetration testing duties as required. Security Engineers are prepared to design, implement, and maintain complex security technologies and projects that support the underlying security policies and procedures to protect information assets. Additionally, the Security Engineers provides input to the creation of new and updates to existing policies, standards, and practices as necessary.

This role will draw on multiple disciplines:

Incident Response: Triaging, recovering, and rebuilding Infrastructure devices during incidents while collecting forensic evidence for later analysis. Maintain skillset on security and vulnerability trends. Remediate systems based on supplied threat intelligence information. Recommend and remediate information systems based on incident attack vectors witnessed and exploited.
Security Engineering: Emphasis on operating systems and networking, foundational Internet services, modern exploitation techniques, and hacking tools.
Forensics: Ability to learn, modify and develop new forensic techniques, script and automate those techniques and think outside the box, not only defensively but as a threat actor.
Data Science and Intelligence Analysis: Emphasis on detecting anomalies in large unstructured data sets, ability to synthesize data and reports from different sources, make logical inferences about that data, and publish results.
Software Development: Ability to develop your own small tools and scripts to aid in data processing or other aspects of an investigation.

You will tackle challenging, novel situations every day and given the size of this initiative, you’ll have the opportunity to work with multiple technical teams at Amazon in different locations. You should be comfortable with a high degree of ambiguity and relish the idea of solving problems that haven’t been solved at scale before. Along the way, we guarantee that you’ll learn a ton, have fun and make a positive impact on millions of people.

BASIC QUALIFICATIONS

Bachelor’s degree in Computer Science or related field. – 5+ years of experience in Security Operations using performing Incident response, forensics and analysis. Expertise in writing run books, and complexity analysis.

Runs vulnerability scans and reviews vulnerability assessment reports. Manages and configures security monitoring tools (netflows, IDS, correlation rules, etc.).
Strong experience in security engineering and network technologies (PCAP, Netflow), Operating Systems and network security, common attack patterns and exploitation techniques.
Practical knowledge of system security analysis techniques such as threat modeling, attack graphs, etc…
Data Science techniques such as clustering, anomaly detection, and machine learning leveraging data analysis tools such as OSSEC, Splunk, Behavioral Analytics, SQL, R, or MatLab
Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
Excellent written and verbal communication skills.

PREFERRED QUALIFICATIONS

Security certifications (CISSP, GCIA GCIH, GCFA, GCFE, etc.)
Master’s or PhD in Computer Science or related field.
Experience with Security Operations, Incident Response, Threat Hunting and Assurance methodologies e.g. fuzzing, static and dynamic code analysis.
Experience with common attack patterns and exploitation techniques. Ability to write fully functional exploits for common vulnerabilities such as simple stack overflow, cross-site scripting, or SQL injection.
Experience in using standard Security Assessment and Penetration Testing tools such as BurpSuite, Metasploit, and IDA Pro.
Knowledge of technical security issues facing large multinational companies.