Cloud security is our highest priority at AWS. As an AWS customer, you benefit from an environment built to meet the requirements of the most security-sensitive organizations. As an AWS Security team member, you will help secure that environment for our customers while working on security products across a wide variety of platforms and technologies, all operating at AWS' scale.
We are seeking an experienced Security Industry Specialist to help drive our global Hardware Supply Chain Security program, with emphasis on mitigating risk across the entire hardware lifecycle, through third-party suppliers and AWS operations. You will work with a team of professionals around the world to assess and mitigate risks in Amazon manufacturing operation and logistics, conduct and coordinate on-site security assessments, contribute to new mechanisms for defense and response, and analyze the ever-shifting threat landscape to help us prioritize continuous improvement. You will do this in a supportive, collaboration-filled environment with the mandate to continually build and secure the future of the cloud.
Our security team evaluates risk within AWS operating and supply chain environments and works with teams across the company to develop creative mitigations for the global AWS fleet. This holistic view of risk spans hardware/firmware, manufacturing networks and systems, software development lifecycle (SDLC) and image source control, physical facility and transport security, and the people and procedures that make up the global hardware supply chain. If you have experience in areas such as modern semiconductor manufacturing and test, supply chain logistics, hardware/firmware analysis, or physical facility and transport security, your expertise is needed more than ever and we are interested in talking to you!
In this fast-paced, dynamic role, you will gather detailed, objective information about manufacturing environments and rely on your own perspective and judgment to focus stakeholders on what matters most to our customers. You will provide risk assessments and perspective on security controls for hardware manufacturing environments — including physical aspects of facilities such as cameras and storage areas, digital aspects of manufacturing networks and systems, SDLC and image source control, and durable, repeatable audit mechanisms. The ideal candidate thrives in ambiguous environments, maintains high standards, and approaches challenges with creativity and self-direction, and brings a solid understanding of supply chain business considerations such as component sourcing, process optimization, logistics, and customs.
This role requires frequent travel, 60% or more, to suppliers and Amazon facilities around the world. Our team is mission-focused and puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here.
Key job responsibilities
- Lead technical internal and external engagements to document business requirements and operational challenges, and identify security risk
- Manage the schedule and logistical coordination for on-site security assessments around the world
- Assess and prioritize security findings and recommend appropriate mitigations
- Analyze data and deliver insightful written documentation of technical solutions to cross-functional teams and leaders
- Partner with suppliers to address security findings and continually improve supply chain security
- Build trusted relationships with stakeholders across different geographies and cultures
- Drive resolution of complex escalations and security findings where problems and solutions may not be clearly defined
- Travel 60% or more to conduct assessments, educate partners, and support key business relationships
- Mentor! Learn! Constantly develop your own skills and guide others to improve their own
A day in the life
In this role, you will assess risks to AWS originating at suppliers and own the specification and shepherding of security requirements for hardware/firmware lifecycle processes. You will work with fellow security professionals from across Amazon as well as supplier and data center operations teams to keep the AWS supply chain secure. Our team is dedicated to supporting new members — we have a broad mix of experience levels and tenures, and we're building an environment that celebrates knowledge sharing and mentorship.
- 5+ years of supply chain operations experience
- Experience in physical security
- Experience with two or more of the following: networking fundamentals, security, storage or databases (relational or NoSQL), operating systems (Unix, Linux, or Windows)
- - 3+ years as part of an audit or security assessment program, with strong written and verbal communication, and one or more of the following:
- - Professional fluency in both Mandarin Chinese and English (written and verbal)
- - Ability to work effectively in remote environments
- Experience with data analysis tools such as Excel, Pivot Tables, macros, SQL, visualization tools - Tableau, Quicksight, etc.
- professional certification in information security (SANS GIAC, CISSP, or equivalent), or Bachelor's degree
- Knowledge of fundamentals of networking, security, databases (relational or NoSQL), operating systems (Unix, Linux, and/or Windows)
- - 5+ years of professional experience in cross-functional program management
- - Experience with security assessment frameworks (NIST, CIS Top 20, OWASP, ISO 27000 series)
- - Hands-on experience conducting audits and interacting directly with on-site personnel
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
We are seeking an experienced Security Industry Specialist to help drive our global Hardware Supply Chain Security program, with emphasis on mitigating risk across the entire hardware lifecycle, through third-party suppliers and AWS operations. You will work with a team of professionals around the world to assess and mitigate risks in Amazon manufacturing operation and logistics, conduct and coordinate on-site security assessments, contribute to new mechanisms for defense and response, and analyze the ever-shifting threat landscape to help us prioritize continuous improvement. You will do this in a supportive, collaboration-filled environment with the mandate to continually build and secure the future of the cloud.
Our security team evaluates risk within AWS operating and supply chain environments and works with teams across the company to develop creative mitigations for the global AWS fleet. This holistic view of risk spans hardware/firmware, manufacturing networks and systems, software development lifecycle (SDLC) and image source control, physical facility and transport security, and the people and procedures that make up the global hardware supply chain. If you have experience in areas such as modern semiconductor manufacturing and test, supply chain logistics, hardware/firmware analysis, or physical facility and transport security, your expertise is needed more than ever and we are interested in talking to you!
In this fast-paced, dynamic role, you will gather detailed, objective information about manufacturing environments and rely on your own perspective and judgment to focus stakeholders on what matters most to our customers. You will provide risk assessments and perspective on security controls for hardware manufacturing environments — including physical aspects of facilities such as cameras and storage areas, digital aspects of manufacturing networks and systems, SDLC and image source control, and durable, repeatable audit mechanisms. The ideal candidate thrives in ambiguous environments, maintains high standards, and approaches challenges with creativity and self-direction, and brings a solid understanding of supply chain business considerations such as component sourcing, process optimization, logistics, and customs.
This role requires frequent travel, 60% or more, to suppliers and Amazon facilities around the world. Our team is mission-focused and puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here.
Key job responsibilities
- Lead technical internal and external engagements to document business requirements and operational challenges, and identify security risk
- Manage the schedule and logistical coordination for on-site security assessments around the world
- Assess and prioritize security findings and recommend appropriate mitigations
- Analyze data and deliver insightful written documentation of technical solutions to cross-functional teams and leaders
- Partner with suppliers to address security findings and continually improve supply chain security
- Build trusted relationships with stakeholders across different geographies and cultures
- Drive resolution of complex escalations and security findings where problems and solutions may not be clearly defined
- Travel 60% or more to conduct assessments, educate partners, and support key business relationships
- Mentor! Learn! Constantly develop your own skills and guide others to improve their own
A day in the life
In this role, you will assess risks to AWS originating at suppliers and own the specification and shepherding of security requirements for hardware/firmware lifecycle processes. You will work with fellow security professionals from across Amazon as well as supplier and data center operations teams to keep the AWS supply chain secure. Our team is dedicated to supporting new members — we have a broad mix of experience levels and tenures, and we're building an environment that celebrates knowledge sharing and mentorship.
Basic qualifications
- Bachelor's degree or equivalent in Computer Science, Engineering, Information Systems Management, Information Security or other related fields- 5+ years of supply chain operations experience
- Experience in physical security
- Experience with two or more of the following: networking fundamentals, security, storage or databases (relational or NoSQL), operating systems (Unix, Linux, or Windows)
- - 3+ years as part of an audit or security assessment program, with strong written and verbal communication, and one or more of the following:
- - Professional fluency in both Mandarin Chinese and English (written and verbal)
- - Ability to work effectively in remote environments
Preferred qualifications
- Experience experience using data and metrics to measure impact and determine improvements- Experience with data analysis tools such as Excel, Pivot Tables, macros, SQL, visualization tools - Tableau, Quicksight, etc.
- professional certification in information security (SANS GIAC, CISSP, or equivalent), or Bachelor's degree
- Knowledge of fundamentals of networking, security, databases (relational or NoSQL), operating systems (Unix, Linux, and/or Windows)
- - 5+ years of professional experience in cross-functional program management
- - Experience with security assessment frameworks (NIST, CIS Top 20, OWASP, ISO 27000 series)
- - Hands-on experience conducting audits and interacting directly with on-site personnel
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.