Amazon Web Services (AWS) is the leading cloud provider, providing virtual infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWSs multi-tenant infrastructure. Governmental organizations are also looking to and depending on AWS for cloud solutions and services. The AWS Security Incident Response team is seeking a focused Security Engineer who can take on a leadership role in responding to security issues in support of our National Security program. This engineer will work as a part of a growing team of security engineers who are focused on protecting the AWS infrastructure that is used by our national security customers. Our security engineers perform many duties during an average day: log analysis, incident response, forensics, system/tooling development, and risk assessment, just to name a few. The right candidate must thrive in high-pressure situations, think like both an attacker and defender, and drive relevant teams to take the right actions in the right timeframes to mitigate risks. They also need to balance technical risks against business needs and be able to articulate risks and mitigations to members of leadership at various levels. The ideal candidate will have a good mix of deep technical knowledge and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of cryptography, network security, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence. An ideal candidate should be able to accomplish most of the following: . Confidently and intelligently respond to security incidents, and proactively consider how to prevent the same type of incidents from occurring in the future. . Design and coordinate cohesive responses to security events that involve multiple teams across the organization. . Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale. . Ability to communicate effectively at multiple levels of sensitivity, and multiple audiences. . Recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence. . Fulfill regular on-call responsibilities. This position requires that the candidate selected be a US citizen and must currently possess an active Top Secret security clearance. The position further requires that, after start, the selected candidate obtain and maintain an active TS/SCI security clearance with polygraph and satisfy other security related requirements. Basic Qualifications . BS degree in Computer Science, Computer Engineering, Electrical Engineering, or 3+ years equivalent technology experience. . 5 years or more of demonstrated experience with a focus in areas such as systems, network, and/or application security. . Previous experience on a Security Operations team, especially experience working with industry standard SIEMs (Security information and event management products). . This position requires that the candidate selected be a US citizen and must currently possess an active Top Secret security clearance. The position further requires that, after start, the selected candidate obtain and maintain an active TS/SCI security clearance with polygraph and satisfy other security related requirements. Preferred Qualifications . Experience with one or more scripting/programming language (Python, Ruby, Java, Perl, etc). . Deep understanding of the AWS service catalog. Ideally, you have used AWS services in a production capacity. . Experience with log analysis systems, like Splunk or ELK. . Relevant certifications from Amazon Web Services or Splunk. . Strong demonstrated knowledge of web protocols, common attacks, and an in-depth knowledge of Linux/Unix tools and architecture. . Familiarity with Windows and Linux logging systems. . Understanding of network protocols (TCP, UDP, DNS, HTTPS, TLS, etc) . Understanding of high-level cryptography principles (PKI, encryption algorithms, etc) . A sense of humor! We work hard to raise the security bar for our customers, but we also know how to laugh. . Meets/exceeds Amazons leadership principles requirements for this role . Meets/exceeds Amazons functional/technical depth and complexity for this role Amazon is an Equal Opportunity-Affirmative Action Employer Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.