Security Engineer – AWS Security Incident Response

About the role

We are seeking a Security Engineer to join the AWS Security Incident Response team. In this role you will help protect AWS customers by detecting, investigating, and responding to security threats across cloud environments.

Key responsibilities

• Maintain or obtain an Australian Government Security Vetting Agency clearance.
• Respond to threat findings and investigate unauthorized activity.
• Design and implement security automation and enhancements to AWS SIR capabilities.
• Provide engineering support during customer‑facing incidents and develop preventative solutions.
• Mentor junior information security engineers and promote rapid risk mitigation.
• Track and report on the effectiveness of detective controls such as Amazon GuardDuty, CrowdStrike Falcon, and Wiz Defend.
• Develop processes and policies to improve incident response efficiency.
• Participate in on‑call rotation, including weekends.

Required profile

• 3+ years of experience troubleshooting systems, analyzing logs, or automating tasks using command‑line tools.
• 3+ years of professional programming experience in Python and Ruby.
• Ability to work through ambiguity, communicate technical concepts to non‑technical audiences, and collaborate in a team environment.

Required skills

• Python
• Ruby
• AWS services
• Amazon GuardDuty
• CrowdStrike Falcon
• Wiz Defend