Bellevue, WA, 98005, USA
5 days ago
Security Engineer , Kuiper Enterprise Technology - Low Earth Orbit Satellites
Description Have you ever wanted to be part of a team who is building industry changing technology? Project Kuiper is an initiative to increase global broadband access through a constellation of 3,236 satellites in low Earth orbit (LEO). Its mission is to bring fast, affordable broadband to unserved and underserved communities around the world. Project Kuiper will help close the digital divide by delivering fast, affordable broadband to a wide range of customers, including consumers, businesses, government agencies, and other organizations operating in places without reliable connectivity. We are looking for a highly autonomous person motivated to take on challenges with a technical background to be part of a growing team that analyzes and implements Kuiper controls. As part of the Kuiper Enterprise Technology team, be seen as an expert in delivering Kuiper control systems and processes to meet Kuiper security and compliance standards. Be a key liaison with Kuiper service teams, infrastructure teams, Kuiper Security, and Global Trade and Compliance. Have the ability to dive deep, understand, document, communicate and implement controls for IT systems and processes, and be able to drive innovative process changes and automation throughout the Kuiper organization. You are someone who loves working across many stakeholders to design solutions for complex compliance challenges. We have a team culture that encourages ownership, diversity, inclusion, and innovation. We expect team members and management alike to take a high degree of ownership for their program vision of ideas. You will have an opportunity to work across the entire Kuiper organization implementing and managing various controls along side of Kuiper Security. Kuiper security owns policy and definition of controls, this role owns the coordination, development, implementation, and change management of controls as well as managing defects and improvements. Key job responsibilities • Understand and implements ISO 27001, NIST, and other security controls • Understanding of threat modeling, manual source code review, security vulnerabilities, attacker exploit techniques, and methods for their remediation. • Assisting certifications and assessments programs by liaising with Kuiper Security, auditors, and Kuiper service teams, articulating control implementation and impact, and documenting procedures • Establishing credibility and maintaining strong working relationships with groups involved with Information Security and compliance teams (Kuiper Sec, Info Sec, Legal, Internal Audit, Physical Security, Developer Community, Networking, Systems, etc.) • Identify automation opportunities while working across engineering teams • Helps drive continuous improvements to the Kuiper compliance program, the program management process, and control implementation projects in coordination with the service teams and Kuiper Security • Captures and tracks information security metrics and goals for all required controls • Develop dashboards, canaries, and alarms for all automated controls • Clearly communicating vision, deliverables, and project status to management and key technical and business stakeholders • Delivers recommendations and risk interpretations in a clear, concise, and audience-specific format Export Control Requirement Due to the need to access certain federal controlled information, you must be a U.S. citizen for consideration A day in the life This is a fast-paced, intellectually challenging position, and will work with leaders in multiple technology areas. Have relentlessly high standards for yourself and everyone you work with, and be constantly looking for ways to improve your product’s performance, quality and cost. We want individuals who are ready for this challenge and want to reach beyond what is possible today. About the team Here at Amazon, we embrace our differences. We are committed to furthering our culture of inclusion. Amazon has ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and host annual and ongoing learning experiences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust. At Amazon, our mission is to be the most customer-centric company on Earth. To get there, we need exceptionally talented, bright and driven people. We're dedicated to supporting new team members. Our team has a broad mix of experience levels and Amazon tenures, and we’re building an environment that celebrates knowledge sharing and mentorship Basic Qualifications - DevOps - CDK or similar - 3+ years of IT security audit, compliance and/or relevant Federal regulatory experience - 3+ years of experience in performing technical audits/assessments in direct support of a major compliance effort (e.g., FedRAMP, ISO, FISMA, NIST 800 series frameworks) - Understanding of threat modeling, manual source code review, security vulnerabilities, attacker exploit techniques, and methods for their remediation. - Demonstrated understanding of cloud computing services/deployment architecture - Deep technical background with experience in common IT infrastructure and services/applications Preferred Qualifications - Experience working with US Government Compliance Frameworks/Programs including: FedRAMP, NIST, ISO, FISMA - Have experience with 3PAO assessments - Have experience in assessments, authorization, and continuous controls monitoring - Have experience in performing technical assessments and documentation of network, operating systems, application security, as well as auditing IT processes - Experience with design and implementation of security controls both manual and automated Direct experience in identification, management, monitoring and reporting risks/POA&Ms - Have an industry certification such as CISSP, CISA, and CISM - Experience in technical security design, compliance consulting, or advisory work in support of a highly technical DevOps and cloud environment Amazon is committed to a diverse and inclusive workplace. - Experience building certification roadmaps, compliance documentation, and implementing controls for a large organization Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us. Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.
Confirm your E-mail: Send Email