Security Engineer, Elastic Compute Cloud (EC2)

Job description

DESCRIPTION

Are you up to the challenge of helping secure the largest managed infrastructure in the world? The EC2 Security team is looking for security engineers who are ready to roll up their sleeves and dive into security issues at scale. We are looking for people with a passion for keeping customers secure by engineering novel solutions to complex security challenges. EC2 needs people who seek root causes like they are quests in Middle Earth, slaying dragons as a matter of course! Then once done, switching metaphors and immediately gracefully diving into a big data pool for more targets, like an orca showing off in the Puget Sound.

This position requires a person with a security background who will show EC2's security leadership by proactively identifying security flaws and vulnerabilities, quickly determining the potential risk of externally reported issues, driving for the right architecture decisions across many different teams to harden our infrastructure, and educating other members of the security operations team. Security Engineering and Operations is part of how we keep our customer safe in a continuously changing world.

As part of this, you will:
· Triage and respond to security issues, and quickly determine mitigations that work at scale.
· Define and create the processes, tools, and auto-detection technologies to mitigate abusive activities, such as botnets, DDoS, and spamming
· Partner with teams throughout the company to develop pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk
· Show leadership by mentoring, and educating other members of the EC2 teams
· Share on-call responsibilities to make sure we’re always ready when new threats emerge.

EC2 is continually responding to customer feedback with new functionality. As part of making sure everything we provide meets our customer’s security needs, you will:
· Provide subject matter expertise on architecture, authentication, and system security
· Conduct sophisticated security reviews - from high-level web application architecture to OS level parameters
· Solve problems at their root, stepping back to understand the broader context, and implementing fixes to ensure that an issue will never happen again
· Maintain an understanding of the Internet threat environment and how it affects the company and keep knowledge and skills current with the rapidly changing threat landscape
· Improve EC2 Security service offerings to help our customers to protect their applications against attacks

Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation

PREFERRED QUALIFICATIONS

· Previous experience on a Security Operations team, experience coordinating responses to security incidents, or operating in a SOC environment.
· Experience in customer support, abuse management, incident handling, or forensics
· Experience in Compliance Requirements (e.g. SOX, ISO, HIPAA, FedRamp, etc.)
· Experience in automation of tasks through scripting or programming
· Well-rounded background in host, network, and application security*Deep familiarity with standard Internet protocols (Ethernet, ARP, IP, ICMP, UDP, TCP, SSL, DNS, HTTP, etc.)
· Experience with security best practices in server configuration, tool development, and access controls
· Experience using, administrating, and deploying a variety of operating systems (esp Linux or other UNIX variants), preferably in a datacenter environment
· Experience with Linux operating system development (at the kernel or device driver level) and virtualization technologies
· Strong knowledge of web protocols and an in-depth knowledge of Linux/Unix tools and architecture
· Security related certifications such as OSCP, CISSP, RHCSA, CompTIA Security+ Linux+, GIAC, GCIH, GCFA, GCIA, GPEN, GNFA, GCUX, CEH
· Experience with TCP/IP, packet analysis, iptables
· Data analysis skills using SQL, big data technologies (Hadoop/Pig/Hive/EMR), or scripting
· Excellent written and oral communication skills

Desired profile

BASIC QUALIFICATIONS

· BS degree in Computer Science, MIS, Computer Engineering, or other technical degree or 4+ year's equivalent technology experience
· 4+ years’ experience in one or more of the following: incident response, application security, network security, security operations, or network engineering.
· Experience deploying, managing, or operating Linux, preferably in a datacenter environment.
· Minimum of one year scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C++, C*, Perl, or other languages.