Security Engineer II, Threat Hunting
Security Engineer II, Threat Hunting
Posted on :
13-07-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
Not Disclosed
Salary Not Disclosed
Vacancy
1 Vacancy
Posted on :
13-07-2025
Job Description
Amazons Threat Hunting team is looking for a Security Engineer Threat Hunting who is excited by the idea of searching for and uncovering undetected threat activities at petabyte scale. In this role you will work alongside other Threat Hunting engineers to proactively identify and eliminate threats wherever they may exist.
Our Threat Hunting team hunts for adversarial activity using a variety of tools methods intelligence and techniques. They work hands-on with security logs and are encouraged to be creative and develop innovative techniques to illuminate threat activities. With your technical expertise you will be solving security challenges at scale and working to protect applications powering the most sophisticated e-Commerce platform ever built.
If you are someone who enjoys researching threats diving deep into large datasets and building innovative capabilities to solve everyday problems wed like to meet you. Your work will be essential to maintaining customer trust and delivering a delightful experience for our customers.
Key job responsibilities
- You will query and collate machine data to search for evidence of potentially damaging threat activities which pose a risk to Amazon customers and data.
- You will work alongside incident responders and support the investigation of ongoing security issues.
- You will reconstruct security events from log data and develop innovative approaches to identify threat actor tactics techniques and procedures (TTPs).
- You will use your knowledge of attacker tradecraft to identify creative and sophisticated approaches to detect threats across a wide range of telemetry sources.
- You will design build and operate custom capabilities to enable threat hunting operations at petabyte scale.
- You will participate in an on-call rotation and provide ad hoc support to customers during non-business hours.
A day in the life
- Query collate and analyze machine-generated data for indications of digital threat activities.
- Develop searches using SQL to extract threat signals and security artifacts from large and diverse datasets.
- Build innovative tools and capabilities to automate recurring workflows and promote efficiency across the team.
- Work alongside other engineers to improve security and reduce operating risk for our customers.
- Monitor cybersecurity media blog posts and other sources to maintain awareness of the threat landscape.
- Coach and mentor junior security engineers internal to the team and across the organization.
- Work individually and/or as a team on high priority security issues.
About the team
Amazons Threat Hunting team is a component of the Security Incident Response Team (SIRT) and is responsible for proactively seeking out threat activities which pose a risk to our customers and business operations. Our threat hunters work alongside incident response engineers to support ongoing security investigations. This team works in a dynamic environment with shifting priorities.
Why Amazon Security
At Amazon security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazons products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud devices retail entertainment healthcare operations and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home theres nothing we cant achieve.
Inclusive Team Culture
In Amazon Security its in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas perspectives and voices.
Training and Career Growth
Were continuously raising our performance bar as we strive to become Earths Best Employer. Thats why youll find endless knowledge-sharing training and other career-advancing resources here to help you develop into a better-rounded professional.
- Bachelors degree or CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud or CySA (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest
- 3 years of any combination of the following: threat modeling experience secure coding identity management and authentication software development cryptography system administration and network security experience
- 2 years of programming in Python Ruby Go Swift Java .Net C or similar object oriented language experience
- Knowledge of system security vulnerabilities and remediation techniques including penetration testing and the development of exploits or equivalent
- Experience with AWS products and services
- Experience with programming languages such as Python Java C
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status disability or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process including support for the interview or onboarding process please visit for more information. If the country/region youre applying in isnt listed please contact your Recruiting Partner.
Our Threat Hunting team hunts for adversarial activity using a variety of tools methods intelligence and techniques. They work hands-on with security logs and are encouraged to be creative and develop innovative techniques to illuminate threat activities. With your technical expertise you will be solving security challenges at scale and working to protect applications powering the most sophisticated e-Commerce platform ever built.
If you are someone who enjoys researching threats diving deep into large datasets and building innovative capabilities to solve everyday problems wed like to meet you. Your work will be essential to maintaining customer trust and delivering a delightful experience for our customers.
Key job responsibilities
- You will query and collate machine data to search for evidence of potentially damaging threat activities which pose a risk to Amazon customers and data.
- You will work alongside incident responders and support the investigation of ongoing security issues.
- You will reconstruct security events from log data and develop innovative approaches to identify threat actor tactics techniques and procedures (TTPs).
- You will use your knowledge of attacker tradecraft to identify creative and sophisticated approaches to detect threats across a wide range of telemetry sources.
- You will design build and operate custom capabilities to enable threat hunting operations at petabyte scale.
- You will participate in an on-call rotation and provide ad hoc support to customers during non-business hours.
A day in the life
- Query collate and analyze machine-generated data for indications of digital threat activities.
- Develop searches using SQL to extract threat signals and security artifacts from large and diverse datasets.
- Build innovative tools and capabilities to automate recurring workflows and promote efficiency across the team.
- Work alongside other engineers to improve security and reduce operating risk for our customers.
- Monitor cybersecurity media blog posts and other sources to maintain awareness of the threat landscape.
- Coach and mentor junior security engineers internal to the team and across the organization.
- Work individually and/or as a team on high priority security issues.
About the team
Amazons Threat Hunting team is a component of the Security Incident Response Team (SIRT) and is responsible for proactively seeking out threat activities which pose a risk to our customers and business operations. Our threat hunters work alongside incident response engineers to support ongoing security investigations. This team works in a dynamic environment with shifting priorities.
Why Amazon Security
At Amazon security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazons products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud devices retail entertainment healthcare operations and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home theres nothing we cant achieve.
Inclusive Team Culture
In Amazon Security its in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas perspectives and voices.
Training and Career Growth
Were continuously raising our performance bar as we strive to become Earths Best Employer. Thats why youll find endless knowledge-sharing training and other career-advancing resources here to help you develop into a better-rounded professional.
- Bachelors degree or CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud or CySA (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest
- 3 years of any combination of the following: threat modeling experience secure coding identity management and authentication software development cryptography system administration and network security experience
- 2 years of programming in Python Ruby Go Swift Java .Net C or similar object oriented language experience
- Knowledge of system security vulnerabilities and remediation techniques including penetration testing and the development of exploits or equivalent
- Experience with AWS products and services
- Experience with programming languages such as Python Java C
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status disability or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process including support for the interview or onboarding process please visit for more information. If the country/region youre applying in isnt listed please contact your Recruiting Partner.
Employment Type
Full-Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
