DESCRIPTION

Embark on a Mission to Fortify Amazon's Defenses as a Support Engineer with the Vulnerability Management & Remediation Operations team!

Amazon Security is seeking an experienced and innovative Support Engineer specialising in cybersecurity to join our Vulnerability Management and Remediation Operations (VMRO) team in Sydney, Australia. The VMRO team is a global team that is responsible for assessing, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.

Key job responsibilities - Support vulnerability detection campaigns by working closely with Campaign Owners to launch and continuously improve the quality of campaigns across Amazon. - Assess and negotiate with customers to drive down security risk by engaging with teams to remediate critical security vulnerabilities in their environments. - Collaborate with builder teams to implement security fixes and improvements. - Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications. - Review and analyse common vulnerability disclosures and assist in evaluating potential impacts. - Help triage vulnerabilities and contribute to impact and detection logic assessments. - Contribute to the development of automation of repetitive tasks. - Actively participate in updating documentation and sharing knowledge across your global peers. - Participate in an on-call rotation to support continuous monitoring and remediation of vulnerabilities.

If you're excited about the opportunity to make a significant impact on the security of one of the world's largest and most complex technology ecosystems from our Sydney office, we'd love to hear from you!

BASIC QUALIFICATIONS

- Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree or equivalent; or 3+ years equivalent technology experience - Strong understanding of security concepts with a security mindset. - Strong understanding of computer and network weaknesses and mitigating controls. - Strong ability to understand risk and prioritisation in the context of the business. - Ability to communicate effectively within technical and business settings. - Ability to document learnings and contribute to knowledge sharing and runbook building. - Experience with secure-cloud configuration, (CloudTrail, AWS Config), cloud-security technologies (VPC, Security Groups, WAF etc.), and cloud-permission systems (IAM). - Experience with identity and access concepts, with technologies to secure production and corporate access, (SSO, SAML) and with Federated Identity, RBAC, authentication and authorisation solution, encryption, SSL, and related.

PREFERRED QUALIFICATIONS

- 2+ years of experience in fields such a Security Operations, technology audit, or security vulnerability lifecycle. - Ability to prioritise multiple tasks and projects. - Have a passion to learn and thrive in a dynamic and constantly changing environment. - Experience with virtualisation technologies, especially with AWS services. - Relevant industry certifications such as CISSP, SANS, ISC2, CompTia, etc. - Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills. - Demonstrated knowledge of web protocols, common attacks, and working knowledge of Linux/Unix tools and architecture. - Understanding of best practices across multiple security disciplines/domains. - Demonstrated ability to work autonomously with a Bias for Action, critical and creative thinking. - Demonstrated ability to collaborate, develop partnerships, and work effectively as a member of a global, inclusive team.