Special Projects & Investigations – Threat Intelligence (SPI-TI) team is excited to be searching for a Threat Intelligence specialist who is an industry expert in the fields of threat intelligence or fraud. The Threat Intelligence team, part of Special Projects & Investigations (SPI), is responsible for preventing abuse and stopping threat actors from expanding their illegitimate services across Amazon. Our members specialize in investigating and understanding the ecosystem of threat actors.
SPI-TI protects Amazon by proactively analyzing new security threats, identifying malicious actors, and researching the evolving threat landscape. We partner with teams throughout Amazon to facilitate information sharing and increase security resilience through cross-functional collaboration. We share actionable threat intelligence and focus on continually developing collaboration and partnerships with security & intelligence teams throughout Amazon and the security industry. SPI-TI drives and enhances our ability to emulate threat actors, respond to security incidents, and to stay one step ahead of our adversaries.
Key job responsibilities
* Conduct in-depth research and perform investigations into potential and existing security threats from known and emerging threat actors
* Evaluate threats: collect, manipulate, and analyze data from multiple sources and assess this information to identify security threats and develop strategies to counter them.
* Preparing reports: Prepare written strategic reports and presentations based on your research, collection, and analysis of intelligence data. Create intelligence assessments that are free of bias.
* Work with a cross-functional team: you will work effectively with a cross-functional team and under tight deadlines.
* Briefings: Prepare and present oral and written reports on the conclusions and recommendations drawn from data/ information.
Technical Requirements:
* Working knowledge of scripting languages such as: Python, PHP, JavaScript
* You are curious and keep up-to-date across the cybersecurity landscape.
* You are familiar with adversary techniques and attack lifecycles. (e.g: adversary progression through techniques found in the MITRE ATT&CK® matrix)
* You have knowledge of operating systems fundamentals (Windows, bonus points for Linux and others).
* You are aware of threat intelligence, open-source intelligence or industry reporting and understand its importance to an organization.
About the team
We value diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply.
Inclusive Team Culture: In SPI, it’s in our nature to learn and be curious. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth: We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
- Bachelor's Degree or equivalent experience
- 5+ years’ experience in at least two of the following areas: threat intelligence, data analyst, information security, security operations/incident response, cyber-crime investigations or intelligence, fraud prevention, cyber threat hunting.
- Knowledge of programming and scripting languages, in particular Python.
- 3+ years’ experience using SQL or other query languages.
- Strong analytical, problem-solving, and critical thinking skills.
- Experience with open-source intelligence.
- Familiarity using threat intelligence, data analysis or technical analysis tools and platforms
- Experience producing written documentation, to include, but not limited to products, procedures, and instruction.
- Master's Degree in a relevant field to include homeland security, intelligence, cybersecurity, computer science.
- Completion of FBI or other IC element advanced analytic writing and reviewing courses (e.g. Advanced Writing, Reviewing Analytic Products).
- Ability to conduct technical research across several layers of the tech stack and automating tools
- Experience drafting intelligence products following analytic tradecraft standards and style guides.
- Hands-on experience hunting for and/or responding to incidents associated with eCrime.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $91,800/year in our lowest geographic market up to $196,300/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.