Description

　　At Amazon Web Services (AWS), we provide world-class, flexible, scalable, and secure cloud services to the world’s fastest growing startups, the largest enterprises, and leading government agencies. We do this by building, maintaining, and securing one of the largest, most complex infrastructures in the world. Within AWS, the Infrastructure Security – Threat, Vulnerability, and Operations (InfraSec-TVO) organization is comprised of multiple teams responsible for threat intelligence, vulnerability management, and security operations across the global AWS infrastructure.

　　InfraSec-TVO is looking for a Security Engineer with deep expertise in vulnerability management and security risk response to join us in building and maturing the Infrastructure Security Vulnerability Management program. In this role, you will be responsible for leading the identification, assessment, and remediation of threats and vulnerabilities across millions of infrastructure assets. You will leverage relationships with device owners, infrastructure engineers, and leaders throughout AWS to prioritize risk assessments and the implementation of mitigating controls. Finally, you will work with other InfraSec-TVO security engineers and software developers on improving processes and tooling for not only threat and vulnerability management, but also security information and event management (SIEM), detection engineering, incident response, and application security.

　　AWS leads and innovates. We don’t just buy off-the-shelf software or follow others. We research and pursue the best approach for the business, whether that’s building new solutions or leveraging existing ones. AWS, and Infrastructure Security in particular, operate at massive scale and as a result, demand the highest standards, passion, and discipline for information security and software engineering. A high level of ownership and accountability is a must for this role.

　　We are open to hiring candidates to work out of one of the following locations:

　　Herndon, VA, USA | Minneapolis, MN, USA | Seattle, WA, USA

　　Basic Qualifications

　　Bachelor’s Degree in Computer Science, Information Security, Information Technology, or equivalent work experience

　　Minimum of three (3) years of experience in threat intelligence, vulnerability management, or other related discipline

　　Preferred Qualifications

　　Experience performing risk assessments of vulnerabilities and evaluating mitigating controls in large, complex networks

　　Experience using internal and external threat intelligence sources to produce actionable threat intelligence that drives prioritization and remediation of security risk

　　A strong understanding of core internet and networking technologies (routing protocols, network architecture, TCP/IP, etc.)

　　Linux systems engineering skills and a solid grasp on operating system fundamentals

　　Knowledge of at least one scripting language (Python, Perl, Ruby, etc.)

　　Relevant industry certifications (ISC2, ISACA, SANS/GIAC, CompTIA, Microsoft, Linux, AWS)

　　Excellent communication and data presentation skills that allow you to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries

　　Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

　　Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $135,500/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. Applicants should apply via our internal or external career site.