Security Incident Response Lead

3+ months agoDublin, Ireland


You have hundreds of thousands of hosts, hundreds of millions of lines of code, billions of online transactions, and one of the most visited sites on the Internet. Now go lead a team to secure it! At Amazon, we obsess over our customers and maintaining their trust. To earn that trust in an environment as vast and varied as Amazon's requires the applied skills of smart security engineers and experienced, innovative security leaders willing to tackle never-before-seen challenges at dizzying scales.

Reporting to the Global Corporate Security Response Lead, you will manage a team of talented and energetic security professionals responsible for detecting, analyzing and responding to information security threats across Amazon, as a part of a global, follow-the-sun corporate security response team.

The successful candidate will have a good mix of leadership skills and experience, deep technical knowledge and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of incident response, malware analysis, digital forensics, operating system security, network security, cryptography, software security, security operations, and emergent security intelligence.

Think you have what it takes? Keep reading.

Security Responsibilities
• Lead and coordinate the activities of the Security, Corporate Security Response EMEA team located in Dublin to ensure timely and effective response to information security threats
• Lead security incident response processes, identify and measure critical security operations metrics and continually improve the efficiency and effectiveness of the Corporate Security Response team
• Lead the development and operations of continually improving security automation, tooling and capabilities
• Work closely with peer managers in AWS Cloud Response, Information Security and Corporate IT teams to identify and implement process changes, improvements and efficiencies and ensure solid security practices
• Align Security Response functions with the organization's overall business objectives
• Monitor information security threat intelligence resources and maintain situational awareness of security events relevant to Amazon and its subsidiaries
• Optimize and enhance existing processes with an eye to reducing a high operational load
• Ensure continuity of operations for security events through effective communications between the global nodes of AWS Security Operations
• Work with your peers to assist the global Global Corporate Security Response Lead in defining the overall security response strategy for Amazon
Performance Management Responsibilities
• Create a positive work environment & provide a goal-driven framework for information security success in which team members may achieve organizational & individual performance objectives
• Own all facets of performance, hiring & career management for the team; regular one-on-one meetings with all team members are required
• Provide technical & soft skill coaching to maintain a well-rounded, innovative & operational organization
• Establish training programs for your engineers
• Supervise day-to-day activities of the team, providing management escalation support as required
• Track and report on key initiatives being delivered by the team

About Us

Inclusive Team Culture
We embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon's culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Work/Life Balance
Our team puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren't focused on how many hours you spend at work or online. Instead, we're happy to offer a flexible schedule so you can have a more productive and well-balanced lifeboth in and outside of work.

Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we're building an environment that celebrates knowledge sharing and mentor ship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.

Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify, and build.


• BA/BS in computer science, information security, related discipline, or equivalent work experience
• 5+ years of experience leading, managing & developing high performance teams
• 3+ years of hands-on experience in information security technologies such as continuous security monitoring, EDR, anti-malware controls, intrusion detection/prevention, access control & CSIRT-focused systems
• 3+ years of progressive experience within a Security Operations Center or similar operating environment, coordinating responses to security incidents


• MA/MS in computer science/related field
• Subject matter expertise in incident response, malware analysis, digital forensics, operating system security, network security, cryptography, software security, security operations, and emergent security intelligence
• Information security professional certifications encouraged (SANS GIAC, CISSP etc.)
• Experience leading the development of security tooling, infrastructure and processes
• Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts
• Strong information security risk-based prioritization abilities

Job ID: Amazon-1467287