Wireless Security Engineer II, SPEAR Wireless Security

We are open to hiring candidates to work out of one of the following locations:

Remote Location - California

The Amazon Special Programs, Evaluations, Assessments, and Response (SPEAR) Wireless Security team assesses wireless risk in Amazon facilities, building and driving solutions to protect our customers and business. We are hiring a Security Engineer (SecEng) who is motivated to identify wireless vulnerabilities, mitigate wireless security risks, and build security tools. If you are passionate about wireless security and want to engineer solutions on a global scale, this is the role for you!

The wireless security evaluator will work on a small tactical wireless security assessment team, working with Amazon cross functional teams to methodically assess adherence to security standards and industry best practices in Amazon facilities across the world. They will apply their knowledge of information security with a variety of wireless tools to capture data, test systems, and identify and deep dive security issues. They will educate partner teams, generate and manage trouble tickets (i.e. security findings), and interact with wireless security systems and wireless security owners to mitigate/remediate security risks that impact Amazon data, operations, and/or reputation. They will build custom tools and leverage enterprise tools used across Amazon Security to query data, analyze logs (e.g. PCAP, syslog), identify trends, and detect anomalies that require mitigation and remediation efforts.

The candidate should have a record of accomplishment in the wireless security domain, possess excellent verbal and written communication skills, be able to analyze data from disparate sources, and demonstrate sound judgment while under pressure. They need to be successful at prioritizing, project oriented, self-motivated, and able to use discretion when dealing with sensitive information. They should also be able to rapidly learn new technologies, consider multiple solutions to problems, and show high levels of judgement when determining risk and impact of security events. An ideal candidate will have a thorough understanding of wireless security problems/risks as context for decision making when taking ownership to solve problems. They embody our 16 Leadership Principles, and are especially strong in Bias for Action, Ownership, and Dive Deep.

The Amazon SPEAR Wireless Security team conducts wireless security assessments of Amazon facilities, technologies, and services. We are part of a larger assessment team that identifies security issues in other security domains. SPEAR is a global security team with personnel located across multiple countries. We care deeply about the security of our customer's data and are always looking around the corner to spot previously unknown security issues.

The role requires up to 50% travel both within the United States and outside the United States.


Key job responsibilities
The wireless security evaluator is responsible for identifying wireless-related security issues at Amazon facilities through expert judgement and knowledge. They lead and contribute to wireless security assessments, working independently or part of a team. They regularly practice their knowledge of RF fundamentals and specific protocols such as 802.11, Bluetooth, wireless Internet of Things (e.g. Zigbee, Lora), cellular (2G-5G), two-way radio systems, and general RF modulations. They write accurate findings with appropriately calibrated risk; this requires understanding of security controls, understanding the larger security picture of which wireless is a part, and alignment with partner teams. They may drive remediation efforts. They draft and present evaluations reports, briefs, and papers for senior leadership, internal departments, and stakeholders regarding vulnerabilities, security concerns, and operations gaps as they affect Amazon data, operations, and/or reputation. They build tools that make the team more efficient at assessing wireless security; this may include hardware, software, and threat detection logic. They conduct ad-hoc penetration testing to include network and service/application layers. They regularly engage with partner teams and customers to understand security concerns and educate on wireless security topics. They may present security topics at internal and external conferences.

A day in the life
You may spend your day traveling to a facility to assess the wireless environment. You walk around the facility with radios capturing and analyzing signals. If you find something, you deep dive it to determine risk. This may include testing attacks or replicating the system in a lab environment. You document the issue, then present these findings to the owners. You work with the owners to drive a successful outcome to the issue. You may also build a new testing tool, work with a team mate on a report or new idea, or research a newly released wireless vulnerability.

About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Basic Qualifications

- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
- 3+ years of experience with security engineering, penetration testing, or wireless security
- 3+ years experience working in wireless vulnerability identification, exploitation, or remediation of issues related to several of the following: 802.11, Bluetooth, IOT waveforms (e.g. Zigbee, Lora), Cellular (2G-5G), two-way radio systems, or similar
- Demonstrated proficiency with creating testing tools/scripts using languages such as Bash, PowerShell, or Python. U.S. Person or U.S. Citizen due to ITAR/Export Controlled nature of work

Preferred Qualifications

- Experience with AWS products and services
- Bachelor's degree in computer science or equivalent
- Experience using software defined radios. Experience working with an enterprise wireless intrusion detection system (WIDS)
- Experience with cyber threat intelligence analysis
- Experience working in fast paced environments, and ability to manage workload even during times of stress or escalated activity. Strong communications (both written and verbal, presentation and interpersonal skills)

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.