Job Information
Amazon Senior Hardware Security Engineer, Hardware Supply Chain Security Team (HSCS) in Austin, Texas
Description
The AWS Hardware Supply Chain Security (HSCS) team is looking for a Security Engineer to help guide our global hardware supplier and manufacturing security program. You will work with a team of professionals around the world to help assess and mitigate risks in partner manufacturing and logistics, contribute to new mechanisms for defense and response, and analyze the ever-shifting threat landscape to help us prioritize continuous improvement. You will have the opportunity to work in a supportive, collaboration-filled environment to build and secure the future of the cloud.
The HSCS team exists to direct strategic investments across AWS, and focuses relentlessly on achieving mitigations that eliminate risk in the most efficient and customer-obsessed way possible. If you have experience in areas such as modern semiconductor manufacturing and test, hardware/firmware analysis, or supply chain security, your expertise is needed more than ever and we are interested in talking to you!
In order to inform your recommendations and steer AWS in the right direction, you will be called upon to provide risk assessment and forensic analysis on hardware sampled from the AWS supply chain and to provide perspective on security controls for hardware manufacturing environments. This could include physical aspects of facilities such as cameras and storage areas, digital aspects of manufacturing networks and systems, software development lifecycle (SDLC) and image source control, audit mechanisms that are durable/repeatable, and a wide variety of other security controls. The ideal candidate will have past experience in technical equipment manufacturing operations, and a solid understanding of supply chain business considerations such component sourcing, process optimization, logistics and customs, etc.
In this role, you will assess risks to AWS originating at suppliers, provide direction to the AWS Security Hardware Lab on how to improve risk detection, and own the specification and shepherding of security requirements for hardware/firmware lifecycle processes. You will work with fellow security professionals from across Amazon as well as supplier and data center operations teams to partner in keeping the AWS supply chain secure.
Job responsibilities
Assess and prioritize security findings and recommend appropriate mitigations
Perform hands-on threat modeling, risk assessment, and manufacturing security validation
Security training and outreach to internal teams and external supply chain partners
Travel as needed to provide insight and feedback to suppliers and data centers around the world
Mentor! Learn! Constantly develop your own skills and guide others to improve their own
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
About the team
About Amazon Security
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Basic Qualifications
Bachelors Degree or Equivalent Work Experience
Familiarity with hardware and firmware development and deployment
Minimum of 5 years of experience in hardware or supply chain security, with demonstrated experience in any combination of the following: --Threat modeling and security risk analysis --Security or compliance assessment/auditing --Manufacturing systems or process control --Physical facility or shipping logistics security --IT security configuration and defense for enterprise server and network infrastructure
Preferred Qualifications
5+ years of experience in two or more of the technical categories above
An understanding of network concepts such as OSI Layers, routing and subnets, encryption, and DNS
Experience with security assessment frameworks (NIST, CIS Top 20, OWASP, ISO 27000 series)
Experience working in/with a forensic hardware lab
Practical understanding of AWS cloud services and concepts such as S3, EC2, Lambda, and VPC
Track record of complex project delivery, effective organization, and business insight
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.