89 Threat Detection jobs in Seattle

Come and build innovative services that protect our cloud from advanced security threats! As a Security Engineer on our team, youll help build and manage services that detect and automate the mitigation of cybersecurity threats across Amazons infras Security Engineer, Security, Customer Experience, Development Engineer, Engineer, Data Scientist, Technology

Description

Come and build innovative services that protect our cloud from advanced security threats!

As a Senior Security Engineer on our team, you'll help build and manage services that detect and automate the mitigation of cybersecurity threats across Amazon's infrastructure, including advanced persistent threats. You'll work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions at a massive scale. Our services protect the AWS cloud for all customers and help preserve our customers' trust in us. You'll get to use the full power and breadth of AWS technologies to build services that proactively protect every single AWS customer, both internally and externally, from security threats - not many teams can say that!

Key job responsibilities

• Research, identify, and prioritize security problems that can be detected using automation

• Develop detection prototypes for security problems to enhance detection capabilities

• Design and develop threat models for IoT systems to identify attack paths and security gaps

• Identify opportunities to prevent security issues at scale

• Mentor and develop teammates both technically and professionally

• Seek out, develop, and advocate for new technology to research, identify, and mitigate complex risks

About the team

Diverse Experiences

Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.

Why Amazon Security?

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including the cloud.

Inclusive Team Culture

In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth

We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexibility is part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.

Basic Qualifications

• 5+ years of experience performing security investigations, detection engineering, threat hunting, and/or incident response in the context of large organizations

• Understanding of Tactics, Techniques, and Procedures (TTPs) used by threat actors or groups

• Knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)

• An understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)

• Ability to develop code with at least one modern language, such as Python

Preferred Qualifications

• Experience creating threat detections in enterprise environments

• Experience with analytic development for endpoint, network, and/or physical security

• Experience designing and developing threat models for IoT systems to identify attack paths and security gaps

• Experience with common cloud services (IAM, Lambda, EC2, VPC, S3, etc.)

• Experience with data science, machine learning, big data analytics, and/or streaming technologies (e.g., Kafka, Spark Streaming, Kinesis)

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit . This position will remain posted until filled. Applicants should apply via our internal or external career site.

THE ROLE In close partnership with the Cybersecurity team and other departments, this role is responsible for developing and implementing advanced threat detection and SIEM strategies that enhance the organization's security posture. This role requires an experienced and driven security engineer who can work independently and take initiative. The ideal candidate will bring a mix of strategic insight, technical expertise, and discipline in threat detection. Additionally, this engineer will be expected to act as a subject matter expert in SIEM to guide and collaborate with other security functions to optimize SIEM usage. REPORTS TO Senior Director, Cyber Defense TEAM Team consists of FTEs, Contractors, and a Third-Party Managed Service Provider LOCATION Preference for this person to be based in Bangalore; hybrid. WHAT YOU WILL DO Operational Maturity : Develop clear documentation for processes, metrics, and outcomes, ensuring adherence to SLAs and compliance requirements. Foster continuous improvement in threat detection and SIEM management. Threat Detection Leadership : Provide technical leadership across threat detection and SIEM, with a focus on enhancing incident handling processes, detection engineering, threat interdiction capabilities and metrics. Security Tool Operations : Own and manage security tool alerts, ensuring comprehensive coverage and effectiveness across the enterprise while continuously improving detection and prevention mechanisms. Cloud and DevOps Security : Drive security capabilities by embedding security into DevOps workflows, leveraging cloud-native tools, and advancing automation for detection and response. Continuous Improvement : Stay current and share best practices on how to use modern methods to address security gaps. Leverage artificial intelligence to reduce manual work. Performance Metrics : Facilitate and monitor key performance metrics and reporting frameworks to ensure the efficiency and effectiveness of the program, facilitating resource allocation and increasing the maturity of the security. Change Management : Follow change management process in managing security platforms Collaboration : Collaborate with cross-functional teams to ensure security solutions meet operational and cultural goals. Collect and analyze feedback to continuously refine tools, platforms, and support processes. WHO YOU ARE Bachelor's degree in Cyber Security, information technology or related field; 5+ years of experience in cybersecurity, with a focus on threat detection and SIEM. Hands-on experience with CrowdStrike Platform; NG SIEM an advantage Strong knowledge of IT security principles and compliance standards. Proven ability to balance strategic vision with hands-on implementation. Exceptional communication, and problem-solving skills. A driven and self-starting individual who can work independently and take initiative. Experience working across multiple countries and time zones is an advantage. Company Overview Fortive’s essential technology makes the world stronger, safer, and smarter. We accelerate transformation across a broad range of applications including environmental, health and safety compliance, industrial condition monitoring, next-generation product design, and healthcare safety solutions. We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in software-powered workflow solutions, data-driven intelligence, AI-powered automation, and other disruptive technologies. We’re a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to groundbreaking sustainability solutions. We are a diverse team united by a dynamic, inclusive culture and energized by limitless learning and growth. We use proven business systems to accelerate our positive impact. At Fortive, we believe in you. We believe in your potential—your ability to learn, grow, and make a difference. At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone. At Fortive, we believe in growth. We’re honest about what’s working and what isn’t, and we never stop improving and innovating. Ready to move your career forward? Find out more at (Company Website). Equal Opportunity Employer We are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. We are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at (Contact Information). Bonus or Equity This position is also eligible for bonus as part of the total compensation package. Fortive Corporation Overview Fortive’s essential technology makes the world stronger, safer, and smarter. We accelerate transformation across a broad range of applications including environmental, health and safety compliance, industrial condition monitoring, next-generation product design, and healthcare safety solutions. We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in software-powered workflow solutions, data-driven intelligence, AI-powered automation, and other disruptive technologies. We’re a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to groundbreaking sustainability solutions. We are a diverse team 17,000 strong, united by a dynamic, inclusive culture and energized by limitless learning and growth. We use the proven Fortive Business System (FBS) to accelerate our positive impact. At Fortive, we believe in you. We believe in your potential—your ability to learn, grow, and make a difference. At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone. At Fortive, we believe in growth. We’re honest about what’s working and what isn’t, and we never stop improving and innovating. Fortive: For you, for us, for growth. Ready to move your career forward? Find out more at careers.fortive.com. We Are an Equal Opportunity Employer. Fortive Corporation and all Fortive Companies are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. Fortive and all Fortive Companies are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at #J-18808-Ljbffr

THE ROLE

In close partnership with the Cybersecurity team and other departments, this role is responsible for developing and implementing advanced threat detection and SIEM strategies that enhance the organization's security posture. This role requires an experienced and driven security engineer who can work independently and take initiative. The ideal candidate will bring a mix of strategic insight, technical expertise, and discipline in threat detection. Additionally, this engineer will be expected to act as a subject matter expert in SIEM to guide and collaborate with other security functions to optimize SIEM usage.

REPORTS TO

Senior Director, Cyber Defense

TEAM

Team consists of FTEs, Contractors, and a Third-Party Managed Service Provider

LOCATION

Preference for this person to be based in Bangalore; hybrid.

WHAT YOU WILL DO

• Operational Maturity : Develop clear documentation for processes, metrics, and outcomes, ensuring adherence to SLAs and compliance requirements. Foster continuous improvement in threat detection and SIEM management.
• Threat Detection Leadership : Provide technical leadership across threat detection and SIEM, with a focus on enhancing incident handling processes, detection engineering, threat interdiction capabilities and metrics.
• Security Tool Operations : Own and manage security tool alerts, ensuring comprehensive coverage and effectiveness across the enterprise while continuously improving detection and prevention mechanisms.
• Cloud and DevOps Security : Drive security capabilities by embedding security into DevOps workflows, leveraging cloud-native tools, and advancing automation for detection and response.
• Continuous Improvement : Stay current and share best practices on how to use modern methods to address security gaps. Leverage artificial intelligence to reduce manual work.
• Performance Metrics : Facilitate and monitor key performance metrics and reporting frameworks to ensure the efficiency and effectiveness of the program, facilitating resource allocation and increasing the maturity of the security.
• Change Management : Follow change management process in managing security platforms
• Collaboration : Collaborate with cross-functional teams to ensure security solutions meet operational and cultural goals. Collect and analyze feedback to continuously refine tools, platforms, and support processes.

WHO YOU ARE

• Bachelor's degree in Cyber Security, information technology or related field;
• 5+ years of experience in cybersecurity, with a focus on threat detection and SIEM.
• Hands-on experience with CrowdStrike Platform; NG SIEM an advantage
• Strong knowledge of IT security principles and compliance standards.
• Proven ability to balance strategic vision with hands-on implementation.
• Exceptional communication, and problem-solving skills.
• A driven and self-starting individual who can work independently and take initiative.
• Experience working across multiple countries and time zones is an advantage.

Company Overview

Fortives essential technology makes the world stronger, safer, and smarter. We accelerate transformation across a broad range of applications including environmental, health and safety compliance, industrial condition monitoring, next-generation product design, and healthcare safety solutions.

We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in software-powered workflow solutions, data-driven intelligence, AI-powered automation, and other disruptive technologies. Were a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to groundbreaking sustainability solutions.

We are a diverse team united by a dynamic, inclusive culture and energized by limitless learning and growth. We use proven business systems to accelerate our positive impact.

At Fortive, we believe in you. We believe in your potentialyour ability to learn, grow, and make a difference.

At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone.

At Fortive, we believe in growth. Were honest about whats working and what isnt, and we never stop improving and innovating.

Ready to move your career forward? Find out more at (Company Website).

Equal Opportunity Employer

We are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. We are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at (Contact Information).

Bonus or Equity

This position is also eligible for bonus as part of the total compensation package.

Fortive Corporation Overview

Fortives essential technology makes the world stronger, safer, and smarter. We accelerate transformation across a broad range of applications including environmental, health and safety compliance, industrial condition monitoring, next-generation product design, and healthcare safety solutions.

We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in software-powered workflow solutions, data-driven intelligence, AI-powered automation, and other disruptive technologies. Were a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to groundbreaking sustainability solutions.

We are a diverse team 17,000 strong, united by a dynamic, inclusive culture and energized by limitless learning and growth. We use the proven Fortive Business System (FBS) to accelerate our positive impact.

At Fortive, we believe in you. We believe in your potentialyour ability to learn, grow, and make a difference.

At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone.

At Fortive, we believe in growth. Were honest about whats working and what isnt, and we never stop improving and innovating.

Fortive: For you, for us, for growth.

Ready to move your career forward? Find out more at careers.fortive.com.

We Are an Equal Opportunity Employer. Fortive Corporation and all Fortive Companies are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. Fortive and all Fortive Companies are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at

Description

Come and build innovative services that protect our cloud from advanced security threats!

As a Senior Security Engineer on our team, you'll help build and manage services that detect and automate the mitigation of cybersecurity threats across Amazon's infrastructure, including advanced persistent threats. You will use your expertise in generative AI and machine learning to translate complex security data into services that have broad impact for AWS Security. You'll work with scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions at a massive scale. Our services protect the AWS cloud for all customers and help preserve our customers' trust in us. You'll get to use the full power and breadth of AWS technologies to build services that proactively protect every single AWS customer, both internally and externally, from security threats - not many teams can say that!

Key job responsibilities

• Research, identify, and prioritize security problems that can be detected using automation

• Develop detection prototypes for these security problems to enhance detection capabilities

• Identify opportunities to prevent security issues at scale

• Use models to uncover trends in structured and unstructured security data

• Mentor and develop teammates both technically and professionally

• Seek out, develop, and advocate for new technology to research, identify, and mitigate complex risks

About the team

Diverse Experiences

Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.

Why Amazon Security?

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including the cloud.

Inclusive Team Culture

In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth

We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexibility is part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.

Basic Qualifications

• 5+ years of experience performing security investigations, detection engineering, threat hunting, and/or incident response in the context of large organizations

• Understanding of Tactics, Techniques, and Procedures (TTPs) used by threat actors or groups

• Knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow)

• An understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)

• Ability to develop code with at least one modern language, such as Python

Preferred Qualifications

• Experience creating threat detections in enterprise environments

• Experience with analytic development for endpoint and/or network security

• Experience using common cloud services (IAM, Lambda, EC2, VPC, S3) for security response and/or automation

• Experience with data science, machine learning, big data analytics, and/or streaming technologies (e.g., Kafka, Spark Streaming, Kinesis)

• Experience with Generative AI frameworks such as Bedrock, Huggingface, or LangChain

• Experience with ML frameworks such as scikit-learn, PyTorch, TensorFlow, or AutoGluon

• Experience developing and running GenAI and/or ML models in production

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit . This position will remain posted until filled. Applicants should apply via our internal or external career site.