David Oxley (is on Bluesky)

I’ve consolidated all my threat intelligence social media on Bluesky, consider following me there: https://bsky.app/profile/oxley.io
David Oxley 🌐 (@oxley.io)

Amazon/AWS Threat Intelligence. Citizen Lab Research Fellow. Former federal agent. Fan of space, books, technology, and Mother Nature🌪️. Personal account. Storm chasing: https://bsky.app/profile/wxdox.com #ThreatIntel

Bluesky Social
Merry Christmas to all, but especially those in Ukraine who are defending their homeland over yet another holiday season 🇺🇦 https://www.nytimes.com/2023/12/25/world/europe/ukraine-russia-christmas-ukrainian-orthodox-church.html?smid=nytcore-ios-share&referringSource=articleShare
Christmas Comes Early in Ukraine, but Not a Moment Too Soon

The Ukrainian Orthodox Church formally changed the date for celebrating to Dec. 25, departing from the Russian tradition of celebrating on Jan. 7, according to the Julian calendar.

The New York Times
I had the pleasure of speaking on a panel at the inaugural RUBICON Symposium at Johns Hopkins University SAIS, discussing the role of the private sector in the cyber defense of Ukraine. It was a phenomenal event put on by @alperovitch and the JHU Advanced Physics Lab, and I look forward to future iterations!
I’m not the only team #hiring in Amazon Threat Intelligence! We’re also hiring for a security engineer focused on vulnerability and exploitation analysis across AWS. US-based, Senior-level hybrid role. Let me know if you have questions! https://amazon.jobs/en/jobs/2512218/senior-security-intel-engineer-vulnerability-and-exploitation-threat-intelligence
Senior Security Intel Engineer, Vulnerability and Exploitation Threat Intelligence

Amazon is seeking an innovative Senior Security Intel Engineer to join the Vulnerability and Exploitation Threat Intelligence (VEX TI) team as a part of Amazon Cyber Threat Intelligence (ACTI). As a Senior Security Intel Engineer, you will leverage your in-depth knowledge and analysis of emergent exploits, exploit frameworks, and vulnerabilities to identify novel threat actors, discover attacks against Amazon, AWS and their customers, and drive effective technical countermeasures. ACTI is responsible to identify, curate, and report timely, accurate, and actionable threat intelligence. ACTI delivers cyber threat intelligence to Amazon and AWS leadership, service teams, partners, and both internal and external customers.

In the Senior Security Intel Engineer role you will formulate new analytic techniques and work across teams to drive the supporting capabilities. A deep understanding of advanced actor tactics, techniques, and procedures (TTPs) is required, as well as how those TTPs will present themselves in network-based and host-based logs derived from software, operating systems, networks, cloud infrastructure, networking equipment, and web applications. In addition, you will script and help automate recurring tasks to improve the overall effectiveness of the intelligence and how it is utilized throughout Amazon and AWS, to include: tactical integrations with red and blue teams and strategic impact overall.

Beyond direct technical work on exploits, vulnerability research, and threat intelligence, the VEX Senior Security Intel Engineer will steer strategic direction in the secure design of AWS services, coordinate take-downs of malicious infrastructure, and drive effective technical countermeasures.

Key job responsibilities
* Identify, research, and analyze novel vulnerabilities discovered in threat intelligence data, applications, devices, and networks
* Interface with ACTI reverse engineers to provide reversing requirements as well as be able to independently triage malware, analyze exploit code, and study attack techniques to understand how vulnerabilities are being weaponized
* Pursue actionable intelligence on current exploits, perform deep dive analysis of malicious artifacts related to software exploits, and use that data to identify attacks against Amazon, AWS, and its customers
* Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities
* Create security techniques and automation for internal use that enable the team to operate at high speed and broad scale
* Provide situational awareness on the current threat landscape and the techniques, tactics, and procedures associated with specific threats
* Accurately document ongoing investigations, craft consumable threat intelligence products, and clearly present and communicate emerging threats and high-risk vulnerabilities in cloud, network devices, and web applications to key stakeholders
* Periodic on-call responsibilities

A day in the life
Identify novel and impactful exploits and vulnerabilities to inform threat intelligence analysis and identify new and unknown impactful threat actors targeting Amazon, AWS, and our customers.

About the team
The AWS Threat Intelligence VEX team, part of Amazon Cyber Threat Intelligence (ACTI), is responsible for developing actionable intelligence on exploits and vulnerabilities utilized by advanced cyber threats against AWS services and AWS customers. We obtain indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of sophisticated, emerging actors, and their tools, techniques, and procedures. We then leverage that understanding to proactively identify and mitigate malicious activity.

Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.

Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.

Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

We are open to hiring candidates to work out of one of the following locations:
Annapolis Junction, MD, USA | Arlington, VA, USA | Austin, TX, USA | Herndon, VA, USA | New York, NY, USA | Seattle, WA, USA

amazon.jobs
I’m hiring - come join the AWS Threat Intelligence team! We’re looking for a senior security engineer who can both tackle threats and use automation to supercharge our analytical work. Hybrid in several US locations, domestic relocation. DM with questions! https://www.amazon.jobs/en/jobs/2502402/senior-security-intelligence-engineer-aws-threat-intelligence?no_int_redir=1
Senior Security Intelligence Engineer, AWS Threat Intelligence

The AWS Threat Intelligence team, part of Amazon Cyber Threat Intelligence (ACTI), is responsible for developing actionable intelligence on advanced cyber threats to AWS services and AWS customers. We obtain indicators and intelligence from a variety of internal and external sources and use that information to develop an understanding of sophisticated actors and their tools, techniques, and procedures. We then leverage that understanding to proactively identify and mitigate malicious activity.

The successful candidate will analyze indicators to generate actionable intelligence and insight into current threats. As a Senior Security Intelligence Engineer, you will help enhance our capabilities by formulating new analytic techniques and working across teams to drive the supporting capabilities. A deep understanding of current cyber threat actors and TTPs as well as experience performing question-driven analysis is required. You will leverage your understanding of networking- and host-based indicators and digital forensics as you investigate incidents and threats as well.

Contributing meaningfully to the automation and scaling of the team’s threat intelligence processes and work will be a primary responsibility of this role.

Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Work/Life Balance
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well balanced life—both in and outside of work.

Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. Our senior members enjoy one-on-one mentoring and thorough, but kind, code reviews. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.

Key job responsibilities
Key responsibilities include:
- Perform deep dive analysis of malicious artifacts.
- Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.
- Create security techniques and automation for internal use that enable the team to operate at high speed and broad scale.
- Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats.
- Pursue actionable intelligence on current threats as they relate to AWS.
- Periodic on-call responsibilities.

We are open to hiring candidates to work out of one of the following locations:
Annapolis Junction, MD, USA | Arlington, VA, USA | Austin, TX, USA | Herndon, VA, USA | New York, NY, USA | Seattle, WA, USA

amazon.jobs
And we’re live at #CYBERWARCON! Please come say hello!
Come say hello if we cross paths tomorrow at @CYBERWARCON! Excited to see great talks, catch up with many #threatintelligence folks, and hopefully meet some new ones. Also come find me if you have badness in/relating to AWS that needs attention. 😉
Proud of MadPot and the many different ways AWS leverages first-party threat intelligence to better protect our customers! https://www.aboutamazon.com/news/aws/amazon-madpot-stops-cybersecurity-crime
Meet MadPot, a threat intelligence tool Amazon uses to protect customers from cybercrime

Curbing cybercrime is no easy task, but Amazon has been quietly doing its part with exceptional results.

US About Amazon
“The indictment handed down today challenges every American to put a shoulder to the wheel and defend our republic in every peaceful, legal, and civilized way they can. According to the charges, not only did Trump try to overturn the election; he presided over a clutch of co-conspirators who intended to put down any further challenges to Trump’s continued rule by force.” https://www.theatlantic.com/newsletters/archive/2023/08/trump-indictment-charges-overturn-2020-election/674887/
This Is the Trump Indictment That Really Matters

Special Counsel Jack Smith has sounded the call, but voters must answer it if they wish to preserve American democracy.

The Atlantic

my to-read pile grows ever larger with the addition of @pluralistic's https://www.kickstarter.com/projects/doctorow/the-internet-con-how-to-seize-the-means-of-computation

so many good books coming out recently