Security Engineer, Threat Detection

at Amazon.com

📍 US, VA, Arlington | Unknown | Posted April 14, 2026
Type: Full-Time
Experience: mid
Exp. Years: Not specified
Education: Not specified
Category: Cybersecurity

Join Amazon Stores Security’s Threat Detection team to research emerging threats and build high-confidence detections that identify malicious activity across large-scale log data. You will collaborate with Incident Response, Threat Hunting, Threat Intelligence, and Red Team, and you will use automation and ML/Generative AI methods to improve detection capabilities and reduce false positives.

  • Develop high-fidelity threat detections aligned to TTPs
  • Enhance detection engineering lifecycle and processes
  • Enrich alerts with contextual data and reduce false positives
  • Research and advance detection capabilities using machine learning or generative AI
  • Automate detection tooling and operational workflows using Python

This role is primarily detection engineering: building and tuning threat detections aligned to attacker tactics, techniques, and procedures (TTPs), enriching alerts with contextual data, and automating remediation and response workflows. You will also prototype and deploy detection improvements using machine learning, advanced data correlation, risk-based alerting, and generative AI, implemented with Python-based tooling at scale.

The ideal candidate is a Security Engineer focused on threat detection engineering at scale, with hands-on experience developing high-fidelity detections over large-scale log data. They partner closely with Incident Response, Threat Hunting, Threat Intelligence, and Red Team, and they use Python to automate detection development, testing, alert enrichment, and remediation workflows using machine learning and generative AI techniques.

  • Identify critical threats targeting Amazon's network by leveraging threat intelligence and security research
  • Deliver high-fidelity threat detections aligned to attacker tactics, techniques, and procedures (TTPs)
  • Enhance detection engineering processes
  • Develop platform requirements to enrich alerts with contextual data, reduce false positives, automate remediation and response actions in coordination with incident response teams, utilizing the latest techniques to detect threats at scale
  • Automate your way through challenges using Python or other scripting languages
threat detection, threat intelligence, security research, threat hunting, incident response, high-confidence detections, log data analysis, detection engineering, detection lifecycle management, false positives reduction, alert contextual enrichment, automation remediation, risk-based alerting, advanced data correlation, machine learning, machine learning techniques, generative AI, Python, scripting languages, tooling, detections testing, detections maintenance, attacker tactics, techniques, and procedures (TTPs)
research emerging threats, collaboration with Incident Response, collaboration with Threat Hunting, collaboration with Threat Intelligence, collaboration with Red Team, communicate actionable detection improvements, work at scale
Industry: E-commerce
Job Function: Engineer threat detections that proactively identify malicious activity and enable rapid incident response at scale.
Role Subtype: Security Engineer
Tech Domains: Cybersecurity

  • Must have hands-on experience developing threat detections for large-scale log data
  • Must have experience using Python or other scripting languages for automation
