Security Analyst

Job description

DESCRIPTION

We make it easy for customers to help protect their web applications from attacks by allowing them to configure rules that allow, block, or monitor (count) web requests based on conditions that they define. We also generate detection logic that helps automatically protect customers from bad actors and automated traffic to their applications. By supporting associations with CloudFront, Application Load Balancer, and API Gateway customers can protect their applications and resources whether all in on the cloud, maintaining on premise data centers, or using a hybrid cloud approach.

We build a highly available, low latency distributed system that allows customers to propagate changes worldwide in minutes to respond to active attacks in real-time. We’re fully integrated with several others AWS Services to give customers the insight and control they need. We give customers the visibility they need to see which requests were blocked, allowed, or counted and what rule was matched on a given request. Customers can store their full WAF logs for compliance and auditing as well as use them for debugging and additional forensics. Using CloudFormation customers can automate the deployment of their WAF on the AWS cloud.

In this role, you will serve as an application and network security subject matter expert and work directly with AWS customers across industry verticals to protect applications against external threats. You will leverage your deep expertise and understanding of customer use cases to design and implement security policies that protect customers at-scale or address bespoke requirements. You will conduct both routine and reactive security research to improve customer understanding of threats, exposures, and vulnerabilities through external communication like blogs, whitepapers, and presentations. As the threat environment evolves, you will respond with rapid solutions and communication strategies that mitigate risk to customer applications and earn trust with stakeholders at all levels.

PREFERRED QUALIFICATIONS

· Exceptional understanding of security vulnerabilities, attacker exploit techniques, and methods for remediation of such.
· Experience protecting large-scale applications using Web Application Firewalls (WAFs), network firewalls, and Intrusion Prevention Systems (IPS).
· Experience designing, building or testing web and API-based architectures.
· Experience communicating technical concepts to a non-technical audience.
· Exceptional presentation and written English communication skills; high degree of comfort with technical and executive audiences.
· Experience scripting in common languages (e.g. Ruby, Python)
· Advanced degree in Computer Science or a related technical field
· Excellent analytical and communication skills
· Technical experience in networking or web application security
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Desired profile

BASIC QUALIFICATIONS

· Bachelor’s degree in Computer Science, or similar quantitative field or related industry experience.
· 2+ years of experience in application and network security engineering.