Security Engineer, AWS SOC Incident Response

The Amazon Web Services Security Operations Center AWS-SOC Team manages security issues across the globe. The team is looking for a highly motivated, technically inclined individual to work as a Security Engineer. A successful candidate will need to embody our 16 leadership principles; especially in Learn and Be Curious, Earns Trust, and Dives Deep. You will work from the LHR14, London SOC location. You need to be comfortable working in a dynamic technical, and at times, ambiguous environment.



Key job responsibilities
- Monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time.
- Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities.
- Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident response activities.
- Maintain and optimize security information and event management systems and other security tools used in the SOC.
- Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture.

A day in the life
A day in the life
As a Security Engineer in Detections, your day revolves around safeguarding our digital assets. This position supports other AWS Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms.

About the team
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

BASIC QUALIFICATIONS

Bachelor's degree in computer science or equivalent
Knowledge of networking protocols such as HTTP, DNS and TCP/IP
Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language

PREFERRED QUALIFICATIONS

Experience with AWS products and services
Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
Experience with programming languages such as Python, Java, C++