Manager, Security Engineering, Aws Security Incident Response

Amazon Amazon · Big Tech · Seattle, WA · Systems, Quality, & Security Engineering

Manager for AWS Security Incident Response team, leading a transformation towards AI-native operations. The role involves managing security engineers, engaging with customer executives, and driving automation by leveraging AI investigation agents and feedback loops. The team aims to autonomously resolve routine investigations, allowing human analysts to focus on complex threats.

What you'd actually do

  1. Own day-to-day operations across threat detection, triage, investigation, and incident response for a regional team of security engineers operating under defined Service Level Objectives (SLOs)
  2. Manage investigation queue health, enforce response time targets, and drive the team toward zero pending tickets at all times
  3. Engage directly with customer security executives — CISOs, VPs of Security, and their teams — to communicate findings, lead post-incident reviews, advise on security posture, and build long-term trust
  4. Serve as a senior escalation point for complex or high-severity incidents, taking direct ownership when investigations require leadership judgment or cross-team coordination
  5. Drive the response-to-automation flywheel: capture lessons from investigations to improve automation, enrich detection capabilities, and measure impact through metrics you define and own

Skills

Required

  • 5+ years of managing and developing teams experience
  • 5+ years of progressive work within a software security team or related operating environment experience
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Experience establishing credibility quickly with senior level executives across organizations
  • Experience defining program requirements and using data and metrics to drive improvements
  • Hands-on experience conducting or leading information security investigations during complex incidents

Nice to have

  • information security professional certification (SANS GIAC, CISSP etc.)
  • Master's degree in Computer Science or a related field
  • Experience triaging and developing security alerts and response automation, conducting front-line analysis, and providing escalation support
  • Experience managing teams, or experience with Machine Learning and Large Language Model fundamentals, including architecture, training/inference lifecycles, and optimization of model execution
  • Experience working in a fast-paced, rapidly changing operations environment

What the JD emphasized

  • AI-native security operations
  • AI-powered investigation agents
  • human-in-the-loop guarantees
  • driving AI accuracy through feedback loops and quality controls
  • fundamental transformation
  • AI agents conduct routine investigations autonomously

Other signals

  • AI-native security operations
  • AI-powered investigation agents
  • autonomous resolution of routine investigations
  • human-in-the-loop guarantees
  • driving AI accuracy through feedback loops