Security Engineer I, Threat Hunting, Security Incident Response Team (SIRT)

Amazon's Threat Hunting team is looking for a Security Engineer, Threat Hunting who is excited by the idea of searching for and uncovering undetected threat activities at petabyte scale. In this role, you will work alongside other Threat Hunting engineers to proactively identify and eliminate threats wherever they may exist.

Our Threat Hunting team hunts for adversarial activity using a variety of tools, methods, intelligence, and techniques. They work hands-on with security logs and are encouraged to be creative and develop innovative techniques to illuminate threat activities. With your technical expertise, you will be solving security challenges at scale and working to protect applications powering the most sophisticated e-Commerce platform ever built.

If you are someone who enjoys researching threats, diving deep into large datasets, and building innovative capabilities to solve everyday problems, we'd like to meet you. Your work will be essential to maintaining customer trust and delivering a delightful experience for our customers.

This position requires that the candidate selected be a US Person.

Key job responsibilities

- You will query big data repositories to identify threat activities which pose a risk to Amazon customers and data.

- You will work alongside incident response teams and provide direct support to ongoing investigations and efforts to identify and contain security events.

- You will analyze security log data, identify threat behaviors, and develop custom threat detection and threat hunting strategies.

- You will author scripts and build custom capabilities to uncover threats and enable threat hunting operations at Petabyte scale.

- You will participate in an on-call rotation and provide ad hoc support to internal customers during non-business hours.

A day in the life

- Query, collate, and analyze machine-generated data for indications of digital threat activities.

- Develop database searches to extract security artifacts and threat signals from large and diverse datasets.

- Work alongside other engineers to improve security and reduce operating risk for our customers.

- Monitor cybersecurity media, blog posts, and other sources to maintain awareness of the threat landscape.

- Assist in designing and developing innovative capabilities to identify cyber threat activities at scale.

- Work individually and/or as a team on high priority security issues.

About the team

Amazon's Threat Hunting team is a component of the Security Incident Response Team (SIRT) and is responsible for proactively seeking out threat activities which pose a risk to our customers and business operations. Our threat hunters work alongside incident response engineers to support ongoing security investigations. This team works in a dynamic environment with shifting priorities.

Why Amazon Security

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.

Inclusive Team Culture

In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training and Career Growth

We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

#JoinDefSec

BASIC QUALIFICATIONS

- 2+ years of web protocols, common security attacks, and remediation (non-internship) experience

- Bachelor's degree in Engineering, Computer Science, or a related field

- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent

- Experience with web protocols, common security attacks, and remediation (non-internship)

- Experience solving basic problems by writing code or scripts with some assistance

PREFERRED QUALIFICATIONS

- Experience with AWS services or other cloud offerings

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at

USA, VA, Arlington - 136,000.00 - 184,000.00 USD annually