Find your next role

DESCRIPTION

Are you ready to protect millions of homes and families as part of Amazon's elite Device Security Incident Response team? Join us in defending Ring, Blink, eero, and other industry-leading IoT platforms where every incident response decision impacts real people's safety and privacy.

We’re looking for a seasoned security engineer to join a cross-functional Incident Response team supporting multiple Amazon devices brands. This is a hands-on role is focused on protecting the security and privacy of millions of customers by responding to incidents that impact real-world products and services. Our customers trust us with their safety and personal spaces, and it’s our responsibility to uphold that trust through strong, effective security practices. You will become a subject matter expert in the brands you support, leading our response to incidents through detection, assessment, containment, eradication, and post-mortem, while identifying opportunities to raise the bar on security for Amazon products and Customers. This high-visibility role requires clear communication, sound judgment under pressure, and the ability to work across organizational boundaries. You will be a strong advocate for customer safety and privacy, ensuring our devices deliver protection without compromise. You will document your work thoroughly, contribute to post-incident reviews, and collaborate with engineering teams to drive long-term improvements across the business. You will have opportunities to utilize, or expand your AI/ML skills, as we focus on automation.


Key job responsibilities
* Investigate and respond to security incidents in the Devices and Services org, setting the pace, and driving rapid, effective response that reduces or eliminates risk
* Act as an incident responder or commander during active security events, coordinating technical response while keeping business stakeholders informed
* Conduct thorough post-mortem analysis of security incidents, driving root cause identification, and identifying opportunities to improve security for Amazon products and services
* Security consults with builder teams to ensure that security is designed into products from their inception
* Collaborate with both technical, and non-technical stakeholders at all levels of the business, to execute rapid, and effective incident response
* Develop, maintain, and respond to detections using Splunk/SOAR, as well as internal Amazon tooling
* Combat various forms of fraud and abuse, by coordinating with business teams to develop comprehensive prevention/detection/response capabilities
* Contribute to team efforts to increase capability and efficiency through automation of manual workloads and increase signal quality using AI/ML tools or approaches
* Assist in runbook development, playbook tuning, and continuous process improvements
* Participate in an on-call rotation (approx. two weekend days per month)
* Work within a global, collaborative Amazon Security team where engineers and specialists support one another to solve complex problems and respond to security challenges together
* Coordinate response efforts with other Incident Response teams at Amazon when appropriate, and share learnings
* Maintain and support WAF products that protect Amazon services from abuse, drive adoption, evaluate or tune rules
* Develop and update SQL queries to investigate security incidents, analyze log data, and extract relevant information from logs, databases and services.

A day in the life
As a Security Incident Response Engineer, you'll guide our team through complex security challenges impacting millions of customers. You'll:

• Spearhead end-to-end incident response across Amazon's device ecosystem
• Drive real-time decision-making during active incidents
• Conduct impact assessments and implement containment strategies
• Develop durable solutions with engineering teams
• Proactively hunt threats and create new detection mechanisms
• Consult on security for new product designs
• Analyze data to identify hidden vulnerabilities

We seek naturally curious problem-solvers who combine technical expertise with investigative instincts. You'll be the calm voice in the storm, transforming chaos into clarity and consistently safeguarding our customers' trust in Amazon's devices and services.

About the team
We're a tight-knit group of Security Engineers united by our mission to protect Amazon's customers. Though small, our impact is outsized. We've driven meaningful improvements across Amazon's device ecosystem through technical excellence and relentless customer advocacy.

We're engineers first, approaching challenges with security expertise to create practical solutions. We champion "better products" over "more products," solving problems collaboratively with empathy and partnership. We're not the team that just says "no" – we find secure paths forward.

When incidents arise, we need our builders to feel relief when we arrive. We build bridges, not ivory towers, transforming security from a barrier into an enabler of innovation.