Amazon Web Services, Inc.

CloudOps Sec. Specialist - AWS Security Operations Center (SOC)

April 30, 2021

  • BA/BS in Security, Risk Management, Data Analysis, Cyber Security, Information Technology, or related field(s).
  • 2-3 years of experience with an enterprise-wide security program.
  • 2-3 years' experience demonstrating high-level customer service skills.
  • 3+ years' experience working in fast-paced environments, and ability to manage workload even during times of stress or escalated activity.
  • Ability to work any shift within the 24/7 operation, including holidays and weekends and sit for prolonged periods
Amazon Web Services Security Operations Center (AWS-SOC) is looking for an individual to work as an Industry Specialist I within the AWS SOC Cloud Operations (CloudOps) team. A successful candidate will need to embody our 14 leadership principles and be especially strong in Learn and Be Curious, Earns Trust, and Dives Deep. You will work from the Seattle SOC location, and you need to be competent working in a fast-paced, technical, and at times ambiguous environment.
The SOC Industry Specialist I will manage high severity events by coordinating with stakeholders and AWS cross-functional teams to drive security mitigation. You will manage communications to security leaders and customers, generate and/or manage trouble tickets (i.e. security findings both logical and physical), analyze data and provide trend analysis across the AWS business, and interact with security systems and data warehouses that impact AWS data, operations, and/or reputation.
The SOC CloudOps team supports technical security campaigns, employs security incident response and triage in support of data center operations, and leverages tools and systems across AWS Security to query trends, mine databases and system logs to provide program reporting, and detect anomalies and/or inconsistencies that require mitigating improvements.
The successful candidate should have a record of accomplishment within security and/or related fields, possess excellent verbal and written communication skills to lead conference calls, demonstrate sound judgment while under pressure, and use critical thinking to solve complex problems. You need to be successful at multitasking, be self-motivated with a willingness to learn new skills, contribute to the team's development of runbooks, escalate and communicate effectively to stakeholders, and use discretion when dealing with sensitive information. You should also be able to rapidly learn new technologies, consider multiple solutions to problems, and show high levels of judgment when determining risk and impact of security events (physical and logical). An ideal candidate will have a thorough understanding of security operations as context for decision making when taking ownership to solve problems.
The AWS SOC is a 24/7/365 center, and vulnerabilities and escalations can stretch to include nights, weekends, and holidays. This role supports the 24/7 operations and will be part of a 4-shift (Days, Swing, Graves, and Weekends) rotation targeted at supporting the needs of the fast-moving AWS environment.
Responsibilities:
  • Independently works and drives campaign findings, researches mitigations, and analyzes potential security vulnerability related information from a variety of sources to identify patterns and trends.
  • Manage high security events, communicate risks to AWS stakeholders, and escalate to drive mitigation.
  • Provide technical support and guidance to a team of analysts and engage in physical security discussions with site leaders.
  • Works as a catalyst to bring stakeholders together to address findings and risks until a formalized business owner is identified to take lead.
  • Produce progress reports, briefs, and white papers regarding vulnerabilities, security concerns, and operations gaps that affect AWS data center operations and/or AWS reputation.
  • Consults closely with the other Amazon security and service teams on issues related to AWS security posture.
  • Interface with technical teams, stakeholders and leadership teams to translate security risk mitigation plans into actionable items to mitigate risk.
You will have exposure to teams and leaders across AWS. You will observe and learn many aspects of the Amazon business. Your leadership and actions will contribute to the security of AWS spaces and assets across the globe, facilitating AWS growth. You will have ownership and responsibility for defining and executing processes that deliver results.
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.
Our team values work-life harmony. Availability during the AWS SOC’s 24/7/365 operation is imperative to maintaining proficiency in this role, and we understand that striking a healthy balance between your personal and professional life is crucial to your happiness and success here. We encourage members of the team to use personal time as needed to cultivate this balance and to promote a productive and well-balanced life, both in and outside of work.
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
  • Extensive knowledge of security technology, risk assessment methodologies, policies, and processes.
  • Familiarity with cloud architecture/infrastructure and general networking principles
  • Experience in systems and/or network administration
  • Experience with cloud security operations in AWS
  • Experience demonstrating the ability to produce reports for senior managers, internal departments, and external stakeholders regarding security events, cyber threats, cloud security, and physical security infrastructure as they affect operations and customers globally
  • Experience using automation to solve problems and reduce repetitive tasks
  • Understanding of scripting languages, such as PowerShell, Python, and/or shell scripts
  • Ability to independently collect, research, and analyze threat related information from a variety of sources to identify and evaluate risks, patterns and trends
  • Experience with MySQL, SQL, and ability to manipulate raw datasets into analytical outputs within MS Excel (or other).
  • Experience configuring and modifying access control systems (e.g., Lenel, Multi-Max, C-Cure, Honeywell, etc.)
  • Experience maintaining Microsoft Active Directory
  • Experience engaging in project management, tracking timelines, and participating in planning and executing tasks within project milestones.
  • Meets/exceeds Amazon’s leadership principles requirements for this role
  • Meets/exceeds Amazon’s functional/technical depth and complexity for this role
Amazon is committed to a diverse and inclusive workforce. Amazon is an equal opportunity employer and does not discriminate on the basis of race, ethnicity, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.