CASY-MSCCN Jobs

Description

AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global infrastructure. In other words, we’re the people who keep the cloud running. We support all AWS data centers and all of the servers, storage, networking, power, and cooling equipment that ensure our customers have continual access to the innovation they rely on. We work on the most challenging problems, with thousands of variables impacting the supply chain — and we’re looking for talented people who want to help.

You’ll join a diverse team of software, hardware, and network engineers, supply chain specialists, security experts, operations managers, and other vital roles. You’ll collaborate with people across AWS to help us deliver the highest standards for safety and security while providing seemingly infinite capacity at the lowest possible cost for our customers. And you’ll experience an inclusive culture that welcomes bold ideas and empowers you to own them to completion.

At Amazon Web Services (AWS), we provide world-class, flexible, scalable, and secure cloud services to the world’s fastest growing startups, the largest enterprises, and leading government agencies. We do this by building, maintaining, and securing one of the largest, most complex infrastructures in the world. Within AWS, the Infrastructure Security – Threat, Vulnerability, and Operations (InfraSec-TVO) organization is comprised of multiple teams responsible for Threat and Vulnerability Management and Security Operations across the global AWS infrastructure.

The AWS InfraSec-TVO team is seeking a Security Manager with deep expertise in threat and vulnerability management to join us in building and maturing the Infrastructure Security Threat and Vulnerability Management team. In this role, you will be responsible for leading a two-pizza team of Security Engineers and Technical Program Managers in the identification, assessment, and remediation of threats and vulnerabilities across millions of infrastructure assets. This will be done through the use of in-house developed software, specialized security testing of AWS hardware and software, and holistic assessments of threats to AWS. You will leverage relationships with device owners, infrastructure engineers, and leaders throughout AWS to prioritize risk assessments and the implementation of mitigating and compensating controls. Finally, you will work with other Infrastructure Security leaders to improve processes and tooling for not only threat and vulnerability management, but also security information and event management (SIEM), detection engineering, incident response, and application security.

AWS leads and innovates. We don’t just buy off-the-shelf software or follow others. We research and pursue the best approach for the business, whether that’s building new solutions or leveraging existing ones. AWS, and Infrastructure Security in particular, operate at massive scale and as a result, demand the highest standards, passion, and discipline for information security and software engineering. A high level of ownership and accountability is a must for this role.

About the team

Why AWS

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.

Inclusive Team Culture

Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empowers us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. We not only celebrate the diversity of our workforce, we celebrate the diverse ways we work. If you would like to request an accommodation for the interview or onboarding process, please let us know and we will connect you to our accommodation team. You may also reach them directly by visiting https://www.amazon.jobs/en/disability/us.

Mentorship and Career growth

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship, and other career-advancing resources here to help you develop into a better-rounded professional.

We are open to hiring candidates to work out of one of the following locations:

Herndon, VA, USA | Minneapolis, MN, USA

Basic Qualifications

• Bachelor’s Degree in Computer Science, Information Security, Information Technology, or equivalent work experience

• Minimum of five (5) years of experience in threat intelligence, vulnerability management, or other related discipline

• Minimum of two (2) years of engineering or people leadership experience

Preferred Qualifications

• Experience performing risk assessments of vulnerabilities and evaluating compensating and mitigating controls in large, complex networks

• Experience using internal and external threat intelligence sources to produce actionable threat intelligence that drives prioritization and remediation of security risk

• A strong understanding of core internet and networking technologies (routing protocols, network architecture, TCP/IP, etc.)

• Experience with common testing frameworks, such as the MITRE ATT$CK framework

• Experience with tools used to perform Dynamic Application Security Testing (DAST) or Static Application Security Testing (SAST)

• Linux systems engineering skills and a solid grasp on operating system fundamentals

• Knowledge of at least one scripting language (Python, Perl, Ruby, etc.)

• Relevant industry certifications (ISC2, ISACA, SANS/GIAC, CompTIA, Microsoft, Linux, AWS)

• Excellent communication and data presentation skills that allow you to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.