Amazon is where women work

Home    Amazon    Jobs    Job

Job is no longer available

Incident Response Engineer


Dublin, Ireland


Amazon is looking for a qualified Incident Response Engineer to join our industry leading Information Security organization and work within our Security Operations Center. You will help protect network boundaries, keep computer systems and network devices hardened against attacks, and provide security services to protect highly sensitive data like passwords and customer information. Amazon Incident Response Engineers work hands-on with network equipment and actively monitor our systems for attacks and intrusions, using industry experience to own and drive the resolution of complex incidents and technical security issues.

In this role, you'll provide quality second-tier security event management, including security engineering and policy analysis while driving critical vulnerability management initiatives across Amazon's global enterprise and production environments. You will have experience working in a busy online operations environment and have previous experience in computer and/or product incident response using Security Information Event Management (SIEM) systems, network and host-based Intrusion Detection and Prevention (IDS/IPS) systems and log analysis tools for at least one large-scale enterprise environment. Knowledge of the Linux operating system is required in addition to a passion for security and working with new technologies.

If you enjoy working in a highly technical and rapidly changing environment, being a first-responder to threats and events and continually improving your security skillset, this position will provide you with a unique and challenging opportunity to defend Amazon’s vast and varied environment in an online world where threats grow ever more sophisticated. You will be required to take on never-before-seen information security challenges at dizzying scales.

Key tasks include:

· Responding to information security incidents including internal events and targeted threats
· Working directly with Amazon Information Security Professionals and tier one service owners to provide security engineering solutions and support during customer-facing events
· Developing internal tools used to respond to incidents (e.g., automated security controls) to support Amazon’s unique and customized enterprise and production environments
· Creating and maintaining incident documentation, execution checklists, participate in post-mortem incident analysis, and write incident reports
· Participating in internal training to strengthen and mature Amazon's incident response capability and security posture
· Working closely with and collaborate with other security professionals to develop incident response plans and run books
· Providing daily technical guidance, leadership and assistance to Amazon Security Analysts and other first-tier security engineering personnel
· Adhering to and enforcing Amazon information security policy, practices and procedures
· Evangelizing security within and being an advocate for Customer Trust


· BS in Computer Science, Information Security, or equivalent
· Strong understanding of Linux and Windows Security
· At least four years of system security, network, and/or application security experience
· At least four years of experience working in an operational role for a commercial organization
· Technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
· Knowledge of system security vulnerabilities and remediation techniques
· Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
· Excellent written and verbal communication skills
· Excellent teamwork skills and ability to earn trust of others
· Results oriented, high energy, self-motivated

Other Qualifications & Responsibilities
· Ability to maintain a high level of alertness and attention to detail for extended periods
· Ability to work in a “follow the sun” rotation across and including weekends and holidays
· Experience dealing effectively with customers during problem resolution
· Ability to correlate system behaviors based on known inter-dependencies between those systems
· Effective work prioritization and time management


· MS in Computer Science, Information Security, or equivalent
· Experience with common IDS/IPS, networking monitoring, log analysis and forensic tools such as Splunk, Log Parser, Wireshark, The Sleuth Kit, Volatility, SNORT, Nagios, Bro, etc.
· Strong scripting skills in at least one of the following: Perl, Python, Ruby, or shell. Working knowledge of C, C++ or Java would be an advantage.
· CISSP, CISA, CISM and/or other security certifications
· Experience working as part of a Computer Security Incident Response Team (CSIRT) or Product Security Incident Response Team (PSIRT)

Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran


Share this page:

  Facebook      Instagram      Twitter      Linkedin      Press release 

Join the community