Security Specialist, AWS Hardware Supply Chain Security
Austin, Texas, USA
Amazon.com
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...
Cloud security is our highest priority at AWS. As an AWS customer, you benefit from an environment built to meet the requirements of the most security-sensitive organizations. As an AWS Security team member, you will help secure that environment for our customers while working on security products for a variety of platforms and technologies, all operating at AWS’ scale.
We are seeking an experienced Security Specialist to join the AWS Hardware Supply Chain Security team. The ideal candidate will have a strong background in mitigating security risks associated with external suppliers, focusing on data sharing processes, firmware analysis, test code review, and networking environments. In this role, you will conduct due diligence on third-party vendors and service providers, and assist with on-site security reviews of physical and logical security at manufacturing facilities. You will also collaborate with penetration testing teams and participate in security lab investigations. This position requires occasional travel to factories for comprehensive security assessments.
The Hardware Supply Chain Security team evaluates the risk within AWS operating and supply chain environments and works with teams across the company to develop creative mitigations for the global AWS fleet. This holistic view of risk spans specific domains of hardware/firmware, networking, and human operations. In this role, the security engineer will look across these areas to identify risks and propose mitigations. They will identify and mitigate security vulnerabilities in AWS data center operations and external party environments. Our team proactively identifies gaps, vulnerabilities, and solutions across the entire lifecycle of the datacenter.
Key job responsibilities
Evaluating the effectiveness and efficiency of compliance program activities and recommend improvements to improve delivery at scale.
Leading and managing projects and campaigns with excellent project management skills.
Creating operational mechanisms to address recurring escalation patterns and persistent challenges
Simplifying and decomposing security compliance requirements into clear technical specifications and policies
Setting the vision and connecting the vision between technology, business strategies and requirements
Communicating to senior leadership the status and key deliverables of team initiatives, seek diverse opinions and lead improvement efforts. Leading Escalations
Influencing incoming and present regulations, legislation, mandates and standards for the betterment of AWS and our customers and reduce the impact to our internal and external stakeholders
Fielding and addressing requests for team support in collaboration with internal and external stakeholders.
Diving deep into the operations of AWS compliance programs to develop broad domain and technical understanding of regulatory and customer expectations to drive process improvement initiatives.
Bridging communication with both technical engineering and business teams to successfully capture and implement business requirements.
Transforming raw thoughts into clear technical documentation and/or direction.
Operating a quality rhythm of the business for managing compliance expectations.
Using high judgment to distill diverse inputs from large customer segments and stakeholders to set a vision and design the right long-term solutions.
Leading a large, challenging initiative.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
- Bachelor's Degree in Cybersecurity or other related fields, or equivalent experience.
- 5+ years in project/program management in a technical field.
- 3+ years of IT security audit, compliance and/or relevant security regulatory experience.
- Have a record of delivery of IT process improvement projects with technology processes and/or major tech companies.
- Have experience in assessments, authorization and continuous monitoring of cloud services and products
- Have experience in performing technical assessments and documentation of network, operating systems, application security, as well as auditing IT processes.
- Have experience developing a security compliance strategy based on product roadmap.
- Have an understanding of evaluating the design and effectiveness of IT controls.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
We are seeking an experienced Security Specialist to join the AWS Hardware Supply Chain Security team. The ideal candidate will have a strong background in mitigating security risks associated with external suppliers, focusing on data sharing processes, firmware analysis, test code review, and networking environments. In this role, you will conduct due diligence on third-party vendors and service providers, and assist with on-site security reviews of physical and logical security at manufacturing facilities. You will also collaborate with penetration testing teams and participate in security lab investigations. This position requires occasional travel to factories for comprehensive security assessments.
The Hardware Supply Chain Security team evaluates the risk within AWS operating and supply chain environments and works with teams across the company to develop creative mitigations for the global AWS fleet. This holistic view of risk spans specific domains of hardware/firmware, networking, and human operations. In this role, the security engineer will look across these areas to identify risks and propose mitigations. They will identify and mitigate security vulnerabilities in AWS data center operations and external party environments. Our team proactively identifies gaps, vulnerabilities, and solutions across the entire lifecycle of the datacenter.
Key job responsibilities
Evaluating the effectiveness and efficiency of compliance program activities and recommend improvements to improve delivery at scale.
Leading and managing projects and campaigns with excellent project management skills.
Creating operational mechanisms to address recurring escalation patterns and persistent challenges
Simplifying and decomposing security compliance requirements into clear technical specifications and policies
Setting the vision and connecting the vision between technology, business strategies and requirements
Communicating to senior leadership the status and key deliverables of team initiatives, seek diverse opinions and lead improvement efforts. Leading Escalations
Influencing incoming and present regulations, legislation, mandates and standards for the betterment of AWS and our customers and reduce the impact to our internal and external stakeholders
Fielding and addressing requests for team support in collaboration with internal and external stakeholders.
Diving deep into the operations of AWS compliance programs to develop broad domain and technical understanding of regulatory and customer expectations to drive process improvement initiatives.
Bridging communication with both technical engineering and business teams to successfully capture and implement business requirements.
Transforming raw thoughts into clear technical documentation and/or direction.
Operating a quality rhythm of the business for managing compliance expectations.
Using high judgment to distill diverse inputs from large customer segments and stakeholders to set a vision and design the right long-term solutions.
Leading a large, challenging initiative.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Basic Qualifications
- Bachelor's Degree in Cybersecurity or other related fields, or equivalent experience.
- 5+ years in project/program management in a technical field.
- 3+ years of IT security audit, compliance and/or relevant security regulatory experience.
Preferred Qualifications
- Demonstrated understanding of cloud computing services/deployment architecture.- Have a record of delivery of IT process improvement projects with technology processes and/or major tech companies.
- Have experience in assessments, authorization and continuous monitoring of cloud services and products
- Have experience in performing technical assessments and documentation of network, operating systems, application security, as well as auditing IT processes.
- Have experience developing a security compliance strategy based on product roadmap.
- Have an understanding of evaluating the design and effectiveness of IT controls.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
CloudSec Jobs
Tags: Application security Audits AWS Cloud Compliance Monitoring Pentesting Security assessment Strategy Vulnerabilities
Perks/benefits: Career development Flex hours Startup environment Team events
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Security Specialist jobsSenior Cloud Security Engineer jobsInformation System Security Officer jobsSenior Security Analyst jobsSenior Cybersecurity Engineer jobsSystems Administrator jobsInformation Security Manager jobsSystems Engineer jobsSenior Information Security Analyst jobsSenior Network Security Engineer jobsIT Security Engineer jobsCyber Security Specialist jobsIT Security Analyst jobsChief Information Security Officer jobsSecurity Specialist jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Information Security Engineer jobsSenior Cyber Security Engineer jobsSenior Product Security Engineer jobsCyber Threat Intelligence Analyst jobsCyber Security Architect jobsThreat Intelligence Analyst jobsSenior Software Engineer jobs
Java jobsEncryption jobsEDR jobsBash jobsTS/SCI jobsIDS jobsIPS jobsThreat detection jobsSQL jobsTerraform jobsSDLC jobsSplunk jobsMalware jobsTop Secret jobsFinance jobsDocker jobsForensics jobsSOC 2 jobsRMF jobsActive Directory jobsCompTIA jobsIntrusion detection jobsITIL jobsOWASP jobsGIAC jobs
DoDD 8570 jobsVPN jobsAnsible jobsHIPAA jobsOSCP jobsIT infrastructure jobsData Analytics jobsTCP/IP jobsUNIX jobsCCSP jobsCRISC jobsSAP jobsBanking jobsSANS jobsSOAR jobsSOX jobsJavaScript jobsMITRE ATT&CK jobsSecurity strategy jobsClearance Required jobsMachine Learning jobsZero Trust jobsDNS jobsJira jobsPolygraph jobs