Cyber Threat Exploitation Engineer, Amazon Cyber Threat Intelligence
Posted 1 month ago Expired
About This Role
Join the Amazon Cyber Threat Intelligence (ACTI) team as a Cyber Threat Exploitation Engineer, leveraging in-depth knowledge of exploits and vulnerabilities to identify novel threat actors and discover attacks against Amazon, AWS, and its customers. This role involves formulating new analytic techniques, driving strategic direction in secure design, and coordinating countermeasure efforts.
Responsibilities
- Identify, research, and analyze novel vulnerabilities discovered in threat intelligence data, applications, devices, and networks
- Interface with ACTI reverse engineers to provide reversing requirements and independently triage malware, analyze exploit samples, and study attack techniques
- Pursue actionable intelligence on current exploits, perform deep dive analysis of malicious artifacts, and use that data to identify attacks
- Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities
- Create security techniques and automation for internal use to improve team efficiency and scale
- Provide situational awareness on the current threat landscape and associated techniques, tactics, and procedures
- Accurately document ongoing investigations, craft consumable threat intelligence products, and communicate emerging threats and high-risk vulnerabilities to key stakeholders
Requirements
- BS degree in computer science, computer engineering, or related field, or 5+ years of technical work experience
- 5+ years of industry-based experience in security vulnerabilities identification, attack patterns, and remediation techniques
- 5+ years of any combination of the following: application security frameworks, identity and access controls, incident response, mobile security, cloud computing and security, AI security, threat intelligence, and penetration testing
- 5+ years of automation scripting using Python, Bash, Shell and/or Perl
- 5+ years of SQL experience
- Knowledge of and experience with cloud infrastructure technologies
Qualifications
- BS degree in computer science, computer engineering, or related field, or 5+ years of technical work experience
- 5+ years of industry-based experience in security vulnerabilities identification, attack patterns, and remediation techniques; 5+ years of experience in application security frameworks, identity and access controls, incident response, mobile security, cloud computing and security, AI security, threat intelligence, and penetration testing.
Nice to Have
- Master's degree in computer science, computer engineering, or related field
- 5+ years of experience in threat intelligence research and analysis related to software exploits and the creation of corresponding detections and/or countermeasures
- Experience with malware analysis, network flow analysis, and large scale data analysis
- Experience with firmware reverse engineering and analysis of ARM, MIPS, and x86-64 binaries
- Experience fuzzing software for correctness and triaging crashes, and with web application enumeration and attack surface analysis
- Strong understanding of Windows, Linux, and/or OS X internals, web, and common software vulnerabilities