Security Specialist, AWS Hardware Supply Chain Security
Apply NowCompany: Amazon
Location: Austin, TX 78745
Description:
Cloud security is our highest priority at AWS. As an AWS customer, you benefit from an environment built to meet the requirements of the most security-sensitive organizations. As an AWS Security team member, you will help secure that environment for our customers while working on security products for a variety of platforms and technologies, all operating at AWS' scale.
We are seeking an experienced Security Specialist to join the AWS Hardware Supply Chain Security team. The ideal candidate will have a strong background in mitigating security risks associated with external suppliers, focusing on data sharing processes, firmware analysis, test code review, and networking environments. In this role, you will conduct due diligence on third-party vendors and service providers, and assist with on-site security reviews of physical and logical security at manufacturing facilities. You will also collaborate with penetration testing teams and participate in security lab investigations. This position requires occasional travel to factories for comprehensive security assessments.
The Hardware Supply Chain Security team evaluates the risk within AWS operating and supply chain environments and works with teams across the company to develop creative mitigations for the global AWS fleet. This holistic view of risk spans specific domains of hardware/firmware, networking, and human operations. In this role, the security engineer will look across these areas to identify risks and propose mitigations. They will identify and mitigate security vulnerabilities in AWS data center operations and external party environments. Our team proactively identifies gaps, vulnerabilities, and solutions across the entire lifecycle of the datacenter.
Key job responsibilities
Evaluating the effectiveness and efficiency of compliance program activities and recommend improvements to improve delivery at scale.
Leading and managing projects and campaigns with excellent project management skills.
Creating operational mechanisms to address recurring escalation patterns and persistent challenges
Simplifying and decomposing security compliance requirements into clear technical specifications and policies
Setting the vision and connecting the vision between technology, business strategies and requirements
Communicating to senior leadership the status and key deliverables of team initiatives, seek diverse opinions and lead improvement efforts. Leading Escalations
Influencing incoming and present regulations, legislation, mandates and standards for the betterment of AWS and our customers and reduce the impact to our internal and external stakeholders
Fielding and addressing requests for team support in collaboration with internal and external stakeholders.
Diving deep into the operations of AWS compliance programs to develop broad domain and technical understanding of regulatory and customer expectations to drive process improvement initiatives.
Bridging communication with both technical engineering and business teams to successfully capture and implement business requirements.
Transforming raw thoughts into clear technical documentation and/or direction.
Operating a quality rhythm of the business for managing compliance expectations.
Using high judgment to distill diverse inputs from large customer segments and stakeholders to set a vision and design the right long-term solutions.
Leading a large, challenging initiative.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
BASIC QUALIFICATIONS
- Bachelor's Degree in Cybersecurity or other related fields, or equivalent experience.
- 5+ years in project/program management in a technical field.
- 3+ years of IT security audit, compliance and/or relevant security regulatory experience.
PREFERRED QUALIFICATIONS
- Demonstrated understanding of cloud computing services/deployment architecture.
- Have a record of delivery of IT process improvement projects with technology processes and/or major tech companies.
- Have experience in assessments, authorization and continuous monitoring of cloud services and products
- Have experience in performing technical assessments and documentation of network, operating systems, application security, as well as auditing IT processes.
- Have experience developing a security compliance strategy based on product roadmap.
- Have an understanding of evaluating the design and effectiveness of IT controls.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.
We are seeking an experienced Security Specialist to join the AWS Hardware Supply Chain Security team. The ideal candidate will have a strong background in mitigating security risks associated with external suppliers, focusing on data sharing processes, firmware analysis, test code review, and networking environments. In this role, you will conduct due diligence on third-party vendors and service providers, and assist with on-site security reviews of physical and logical security at manufacturing facilities. You will also collaborate with penetration testing teams and participate in security lab investigations. This position requires occasional travel to factories for comprehensive security assessments.
The Hardware Supply Chain Security team evaluates the risk within AWS operating and supply chain environments and works with teams across the company to develop creative mitigations for the global AWS fleet. This holistic view of risk spans specific domains of hardware/firmware, networking, and human operations. In this role, the security engineer will look across these areas to identify risks and propose mitigations. They will identify and mitigate security vulnerabilities in AWS data center operations and external party environments. Our team proactively identifies gaps, vulnerabilities, and solutions across the entire lifecycle of the datacenter.
Key job responsibilities
Evaluating the effectiveness and efficiency of compliance program activities and recommend improvements to improve delivery at scale.
Leading and managing projects and campaigns with excellent project management skills.
Creating operational mechanisms to address recurring escalation patterns and persistent challenges
Simplifying and decomposing security compliance requirements into clear technical specifications and policies
Setting the vision and connecting the vision between technology, business strategies and requirements
Communicating to senior leadership the status and key deliverables of team initiatives, seek diverse opinions and lead improvement efforts. Leading Escalations
Influencing incoming and present regulations, legislation, mandates and standards for the betterment of AWS and our customers and reduce the impact to our internal and external stakeholders
Fielding and addressing requests for team support in collaboration with internal and external stakeholders.
Diving deep into the operations of AWS compliance programs to develop broad domain and technical understanding of regulatory and customer expectations to drive process improvement initiatives.
Bridging communication with both technical engineering and business teams to successfully capture and implement business requirements.
Transforming raw thoughts into clear technical documentation and/or direction.
Operating a quality rhythm of the business for managing compliance expectations.
Using high judgment to distill diverse inputs from large customer segments and stakeholders to set a vision and design the right long-term solutions.
Leading a large, challenging initiative.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
BASIC QUALIFICATIONS
- Bachelor's Degree in Cybersecurity or other related fields, or equivalent experience.
- 5+ years in project/program management in a technical field.
- 3+ years of IT security audit, compliance and/or relevant security regulatory experience.
PREFERRED QUALIFICATIONS
- Demonstrated understanding of cloud computing services/deployment architecture.
- Have a record of delivery of IT process improvement projects with technology processes and/or major tech companies.
- Have experience in assessments, authorization and continuous monitoring of cloud services and products
- Have experience in performing technical assessments and documentation of network, operating systems, application security, as well as auditing IT processes.
- Have experience developing a security compliance strategy based on product roadmap.
- Have an understanding of evaluating the design and effectiveness of IT controls.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.