Security Engineer, AWS Security

Amazon Web Services (AWS) is the leading cloud service provider, providing virtualised infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start‑ups to enterprises to large government customers, run their operations and applications on AWS’ highly secure infrastructure. Job Overview

AWS Security is looking for a Security Systems Engineer to play a pivotal role in ensuring the security and integrity of our systems and infrastructure. You will work closely with our security team to implement and maintain robust security measures that adhere to Australian Government security requirements, including the Protective Security Policy Framework (PSPF) and the Information Security Manual (ISM). Key Responsibilities

Performing security event monitoring, incident management and response. Develop, tune, and maintain SIEM detections, dashboards, and correlation rules. Conduct proactive threat hunting and analysis to identify suspicious behaviour. Investigate, respond and be the escalation point for security alerts and incidents. Support the integration and optimisation of security data sources within SIEM platforms. Contribute to continuous improvement of SOC processes and automation initiatives including authoring SOC SOPs and runbooks. Apply frameworks such as MITRE ATT&CK and NIST in concert with the ISM and PSPF to guide security operations. Perform on‑call duties as required, out of business hours. Hold or be able to attain an Australian Government Security Vetting Agency clearance (see https://www1.defence.gov.au/security/clearances). Day in the Life

Typical tasks include real‑time monitoring of security alerts, investigating suspicious activities, developing custom detection rules, conducting threat hunts, collaborating with service teams on remediation, and generating metrics and dashboards to track security performance. Basic Qualifications

3+ years experience as a SOC Analyst or Defensive Cyber Role. Experience with SIEM tools (e.g., Splunk, Microsoft Sentinel, Sumo Logic). Good understanding of incident response, threat detection, and security monitoring. Good working knowledge of foundational systems and protocols (HTTP, DNS, TCP/IP). Excellent analytical, problem‑solving, and communication skills. Preferred Qualifications

5+ years experience as a SOC Analyst or Defensive Cyber Role. Demonstrated experience and application of incident response, threat detection, and security monitoring in high security environments. Strong technical working knowledge of key security domains (Cryptography, Identity & Access Management, and Application Security). Experience with AWS products and services. Acknowledgement Of Country

In the spirit of reconciliation, Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today. IDE Statement

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. Company

Amazon Web Services Australia Pty Ltd Job ID: A3128132

#J-18808-Ljbffr