Sr Security Engineer, Perimeter Threat Research Team
Company: Amazon
Location: Seattle
Posted on: April 2, 2026
|
|
|
Job Description:
AWS Infrastructure Services owns the design, planning, delivery,
and operation of all AWS global infrastructure. In other words,
we’re the people who keep the cloud running. We support all AWS
data centers and all of the servers, storage, networking, power,
and cooling equipment that ensure our customers have continual
access to the innovation they rely on. We work on the most
challenging problems, with thousands of variables impacting the
supply chain — and we’re looking for talented people who want to
help. You’ll join a diverse team of software, hardware, and network
engineers, supply chain specialists, security experts, operations
managers, and other vital roles. You’ll collaborate with people
across AWS to help us deliver the highest standards for safety and
security while providing seemingly infinite capacity at the lowest
possible cost for our customers. And you’ll experience an inclusive
culture that welcomes bold ideas and empowers you to own them to
completion. The AWS Threat Research Team is responsible for
publishing a rich source of AWS home-grown threat intelligence for
AWS services and customers. We are looking for talented, creative
and passionate Security Engineers to help us research threats in
innovative ways to deliver actionable threat indicators and disrupt
threats. The AWS Threat Research Team (TRT) is looking for a
security engineer with deep expertise in application and network
security who is passionate about research, advocacy, and protecting
large-scale, production applications. As a part of this role, you
will: * Learn how our products work today, and where we want to
take them in the future * Help craft and build out threat data
gathering security systems at scale * Stay on top of cyber security
trends and mentor other engineers in the same * Act as a technical
lead, influencing other engineers’ designs and coding deliverables
* Work in an agile development environment, collaborating closely
with software engineers * Have fun in a challenging but rewarding
environment We believe that a diverse group of people with
different backgrounds and experiences are essential to invention
and we therefore do all we can to attract and nurture diversity in
our team. As an Amazonian you will learn from and collaborate with
talented colleagues across the globe. If this sounds like the
opportunity for you, come build with us! Key job responsibilities
The ideal candidate must demonstrate strong proficiency in malware
reverse engineering, including the ability to analyze, disassemble,
and deconstruct malicious software using industry-standard tools
such as IDA Pro, Ghidra, and debuggers like x64dbg. Experience with
static and dynamic analysis techniques is essential for identifying
malware behavior, capabilities, and indicators of compromise. A
solid foundation in web application security is required, including
expertise in identifying and mitigating vulnerabilities such as SQL
injection, cross-site scripting (XSS), and authentication flaws.
Familiarity with OWASP methodologies and tools like Burp Suite is
expected. Candidates must possess advanced threat hunting
capabilities, leveraging hypothesis-driven approaches and
behavioral analytics to proactively detect adversarial activity
within enterprise environments. Proficiency in crafting custom
detection rules and queries across SIEM platforms is essential. A
comprehensive understanding of network security is required, with a
strong emphasis on DDoS mitigation and botnet research. The
candidate must have experience analyzing botnet infrastructure,
understanding command-and-control communication protocols, and
identifying botnet propagation techniques. Proficiency in traffic
analysis, volumetric attack pattern recognition, and DDoS defense
strategies is essential. Hands-on experience with packet capture
tools such as Wireshark, Zeek, and NetFlow analysis platforms is
expected, along with the ability to research emerging botnet
families and their evolving attack vectors. A working knowledge of
threat intelligence frameworks such as MITRE ATT&CK and
familiarity with STIX/TAXII standards is preferred. About the team
The AWS Perimeter Protection Threat Research Team produces
actionable threat intelligence that drives AWS security and
networking services, including AWS Shield, AWS WAF, AWS Firewall
Manager, and Network Firewall. Our diverse team of security
researchers and engineers operates advanced deception technology
and threat intelligence systems to identify, track, and analyze bad
actors as they continuously evolve their tactics, techniques, and
procedures. We proactively monitor emerging threats across some of
the largest distributed networks in the world, transforming raw
intelligence into meaningful insights that strengthen AWS defenses.
If you're passionate about outsmarting adversaries and shaping the
future of cloud security at scale, we'd love to have you join us. -
4 years of non-internship background in troubleshooting systems
issues, analyzing logs, or automating complex tasks using command
line tools experience - 5 years of work in identifying security
issues and risks, and developing mitigation plans experience - 4
years of (non-internship) scripting, programming, and security code
review in common programming languages experience - Knowledge of at
least two of the following programming languages: Scala, Java,
Python, C/C++, or Go - Experience (non-internship) in scripting,
programming, and security code reviewing in a common programming
language - Experience (non-internship) in troubleshooting systems
issues, analyzing logs, or automating complex tasks using command
line tools - Experience working in identifying security issues and
risks, and developing mitigation plans - Experience
(non-internship) in industry-based security vulnerabilities
identification, attack patterns, and remediation techniques -
Experience as a mentor, tech lead or leading an engineering team -
Experience applying threat modeling or other risk identification
techniques or equivalent - Experience with security in
service-oriented architectures/microservices and web services
Amazon is an equal opportunity employer and does not discriminate
on the basis of protected veteran status, disability, or other
legally protected status. Our inclusive culture empowers Amazonians
to deliver the best results for our customers. If you have a
disability and need a workplace accommodation or adjustment during
the application and hiring process, including support for the
interview or onboarding process, please visit
https://amazon.jobs/content/en/how-we-hire/accommodations for more
information. If the country/region you’re applying in isn’t listed,
please contact your Recruiting Partner. The base salary range for
this position is listed below. Your Amazon package will include
sign-on payments and restricted stock units (RSUs). Final
compensation will be determined based on factors including
experience, qualifications, and location. Amazon also offers
comprehensive benefits including health insurance (medical, dental,
vision, prescription, Basic Life & AD&D insurance and option
for Supplemental life plans, EAP, Mental Health Support, Medical
Advice Line, Flexible Spending Accounts, Adoption and Surrogacy
Reimbursement coverage), 401(k) matching, paid time off, and
parental leave. Learn more about our benefits at
https://amazon.jobs/en/benefits . USA, WA, Seattle - 178,400.00 -
226,700.00 USD annually
Keywords: Amazon, Renton , Sr Security Engineer, Perimeter Threat Research Team, IT / Software / Systems , Seattle, Washington
