The Amazon Web Services (AWS) Sales, Marketing, and Global Services (SMGS) mission is to enable the AWS field organization to be the most efficient and effective in the world. Our SMGS Security Escalations team builds and maintains org-wide mechanisms to inspect security within SMGS. We identify security challenges, catalyze action to build or improve security mechanisms, and measure security outcomes within SMGS in order to achieve the security outcomes that AWS customers expect. SMGS is looking for a talented Security Engineer, Incident Response who possesses a strong expertise in software and systems, combined with a genuine enthusiasm for security and cloud computing.
SMGS makes broad use of AWS platforms and technologies including cloud services, identity and access management, big data and analytics, all operating at massive scale with consistent growth. SMGS Security helps internal teams with each step of deployment and leads inspection of SMGS’s security posture. Our highly collaborative team is committed to each team member’s growth as our business and team grows. We require engineers to work tactically with both internal and external stakeholders to solve security challenges at massive scale, and to think strategically to develop and implement changes to drive automation, scalability and continuous progress for the organization.
This role will provide career growth opportunities as you gain new security skills in the course of your work. The Security Engineer role in SMGS Security Escalations has two key aspects: on-call operational excellence and capability development. Security engineers in SMGS have an opportunity to experiment, learn, build tools, and work with teams building new technology and services at massive scale. Security engineers at all levels have the opportunity to learn from and be mentored by those who are building and securing our cutting-edge services. A security engineer is also expected to be a mentor for others and be a trusted security advisor within the organization
A Security Engineer at Amazon is expected to have technical expertise in multiple domains and provide significant contributions to the SMGS Security team and to multiple groups throughout Amazon. Security Engineers are expected to take a technically-applied role in assessing and responding to security issues affecting our SMGS services and customers. This role requires a security engineer that can be recognized as an expert within SMGS Security and by teams throughout AWS, while being able to apply security engineering best practices in a broad range of technical areas.
The SMGS Security team is looking for a focused Security Engineer who can take on a leadership role in responding to security issues across the largest cloud provider in the world. You must thrive in high-pressure situations, think like both an attacker and defender, and drive relevant teams to take the right actions in the right time frames to mitigate risks.
We are looking for someone who can balance technical risks against business risks and consistently drive for the right results. You must have the passion for engineering novel solutions to complex security challenges, and recognize and fill gaps in capabilities. The ability to quickly design and build internal-facing tools that enable scaled programmatic automation is a plus.
Up to 10% travel expected.
Sales, Marketing and Global Services (SMGS)
AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.
Key job responsibilities
* Confidently and intelligently respond to security incidents. Design and prioritize changes to prevent reoccurrence.
* Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
* Build internal security utilities and tools that enable your security team to operate at high speed and wide scale.
* Evaluate the impact to the organization of current security trends, advisories, publications, and academic research. Coordinate responses across SMGS teams to do the right thing for our customers and our organization.
* Ability to communicate effectively at multiple levels of sensitivity, and multiple audiences.
* Recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence.
* Provide subject matter expertise on architecture, authentication and system security.
* Fulfill regular on-call responsibilities.
About the team
Our team puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Why AWS?
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
About AWS
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Inclusive Team Culture
Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud.
Mentorship & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
BASIC QUALIFICATIONS
- Experience performing security investigations, penetration testing and/or incident response in the context of large organizations
- Experience using big data analytics and orchestration to address security challenges
- Experience with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
PREFERRED QUALIFICATIONS
- GCIH (GIAC Certified Incident Handler) or GSEC (GIAC Security Essentials) or Security+
- Experience detecting and defending from security threats and cyber attacks
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $125,500/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.