Description
Applicants must be Australian citizens and hold or be eligible to obtain an Australian Government Security Clearance, with the ability to successfully complete an Organisational Suitability Assessment.
AWS Security is looking for a Security Systems Engineer to play a pivotal role in ensuring the security and integrity of our systems and infrastructure. You will work closely with our security team to implement and maintain robust security measures that adhere to Australian Government security requirements, including the Protective Security Policy Framework (PSPF) and the Information Security Manual (ISM).
Key job responsibilities
* Perform security event monitoring, incident management and response.
* Develop, tune and maintain SIEM detections, dashboards and correlation rules.
* Conduct proactive threat hunting and analysis to identify suspicious behaviour.
* Investigate, respond and serve as the escalation point for security alerts and incidents.
* Support the integration and optimisation of security data sources within SIEM platforms.
* Contribute to continuous improvement of SOC processes and automation initiatives including authoring SOC SOPs and runbooks.
* Apply frameworks such as MITRE ATT&CK and NIST in concert with the ISM and PSPF to guide security operations.
* Perform on-call duties as required, out of business hours.
A day in the life
* Respond to new detections: monitor security alerts in real-time, investigate suspicious activities, determine if incidents are legitimate threats or false positives, and coordinate immediate response actions including containment and remediation.
* Write security detections: develop and implement custom detection rules based on emerging threat intelligence, tune existing security signatures and create automated alerts.
* Threat hunt: proactively search through network logs, endpoint data and system activities for signs of advanced persistent threats.
* Work with service teams on security issues: collaborate with IT, network and application teams to remediate identified vulnerabilities and coordinate security patches.
* Generate metrics and dashboards: create and maintain security performance indicators and executive-level reports summarising security posture.
Basic Qualifications
* 3+ years' experience as a SOC analyst or in a defensive cyber role.
* Experience with SIEM tools (e.g., Splunk, Microsoft Sentinel, Sumo Logic or similar).
* Demonstrated experience applying incident response, threat detection and security monitoring in high-security environments.
Preferred Qualifications
* Good working knowledge of foundational systems and protocols such as HTTP, DNS, TCP/IP.
* Strong technical working knowledge of key security domains such as Cryptography, Identity & Access Management and Application Security.
Equity, Diversity & Inclusion
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you are applying in isn't listed, please contact your Recruiting Partner.