Members of the Amazon Web Service’s Security Services team build customer facing services that are designed to protect millions of customers around the globe. This is an advanced engineering team that is using cutting edge techniques to help customers assess, monitor and protect their cloud based resources. We are looking for an experienced security engineer with red team penetration testing skills to join this team to research, tune and validate our detection mechanisms.
This position will be working on Amazon GuardDuty, which is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. It monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. GuardDuty also detects potentially compromised instances or reconnaissance by attackers. (https://aws.amazon.com/guardduty/)
A successful candidate for this role will have a deep understanding of both information security and computer science. If you can exploit at scale while remaining stealthy, identify and exploit misconfigurations in network resources, develop out of the box techniques, and communicate complex info in a digestible manner, you could be an ideal candidate.
The scope of this role includes researching attack patterns, building attack simulations, active testing, and mentoring data scientists and software engineers. In this role, you will interface with many internal security teams to keep up to date with the latest attack techniques.
As a Security Engineer, you’ll:
· Recognize and safely utilize attacker tools, tactics and procedures
· Develop scripts, tools or methodologies to enhance red team capabilities
· Work with data scientists to help develop and test detections for complex exploitation patterns
· Build simulations to validate tools and techniques
· Advise broader team on current threat landscape, tools & techniques
· Create Intellectual Property, influence others while demonstrating significant creativity and being vocally self-critical
· BS or MS in Computer Science, Math, or some other quantitative discipline
· 5+ years’ experience with focus on system, network and/or application security
· 5+ years of experience building automated tools in a modern programming language
· MS in Computer Science or Computer Engineering or related quantitative discipline
· Data-driven and quantitative mentality. Always backs up ideas with facts.
· Experience with virtualization technologies and familiarity with AWS services
· Strong knowledge of web protocols and in-depth knowledge of linux tools and architecture
· Knowledge of modern exploitation techniques and methods for remaining stealthy
· Strong communication skills
· Desire and energy to work in a fast-paced environment
Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.