Penetration Test Manager (Security Engineering)

Job summary
Amazon Devices and Services is an inventive research and development organization that designs and engineers Amazon devices, from Kindle to Fire TV and Amazon Echo. What will you help us create?

Are you interested in being part of a top-notch penetration test team covering Amazon devices (including Kindle, FireTV, Halo health band, Astro robots, Kuiper Satellites and ecosystem, Echo family of devices, etc.) and services providing exciting experiences to customers? If you want to keep customers data safe through creative innovations, we have a job for you! We are looking for a strong leader to create and grow a strong team while spearheading strategic direction for penetration tests to cover services.

Devices and Services pen test organization is growing and is seeking an experienced manager to lead one of our internal penetration testing teams. In this role, you will lead a team of highly skilled penetration testers to assess Amazon’s devices, services, applications, and websites; and partner with other security teams (Application security, Red Teams, etc.) to remediate weaknesses and sharpen our software development lifecycle. This role will provide you with challenging leadership and technical opportunities, but will also be a great deal of fun if hacking Amazon sounds exciting to you!

You will be focused on using your leadership and technical skills to continually lead the direction and evolution of the team and orchestrate penetration testing engagements in order to maintain and raise Amazon’s high security bar. Additionally, you’ll be driving strategic initiatives from your team by influencing key stakeholders and partnering with teams throughout Amazon to enable the implementation of innovative security solutions and controls to improve Amazon’s security and software development posture. You’ll be backed up by a team of highly-skilled security engineers focused on attacking Amazon from a variety of perspectives, all working with a singular focus of maintaining our customer’s trust. You must also demonstrate resilience and navigate ambiguous situations with composure and tact. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Amazon and its Customers secure.


Key job responsibilities
* Lead, manage, and develop a high performing technical Penetration Testing Team across multiple locations
* Manage and coordinate complex penetration testing projects involving multiple security engineers, technology stacks, and development teams
* Lead the strategic direction and evolution of the Penetration Testing Team, including setting goals and establishing priorities
* Drive strategic initiatives by influencing leadership, key stakeholders, and partnering with teams throughout Amazon
* Lead effective teamwork, communication, collaboration and commitment across multiple disparate groups with competing priorities
* Lead improvements to internal program and process
* Write and deliver high-quality documents for technical and non-technical audiences

Basic Qualifications

· 2+ years experience in a technical security leadership (people manager) role
· 5+ years of experience in Information Security related domains, with knowledge of security fundamentals, application vulnerabilities, application attack vectors, penetration testing methodologies, and tools
· 2+ years of experience driving Information Security initiatives across large diverse organizations
· Experience communicating with a wide range of technical & non-technical partners and senior leadership

Preferred Qualifications

· Experience leading teams across multiple locations
· Ability to exercise sound judgement, problem solve, and make decisions in the face of ambiguity and imperfect knowledge
· Ability to write effective communications
· Sharp analytical abilities and attention to detail
· Ability to handle multiple competing priorities in a fast-paced, deadline-driven environment
· Ability to take ownership, self-motivate, and deliver results in highly ambiguous environments
· Experience with driving remediation/mitigation of security issues and control gaps
· Experience gathering and reporting metrics to measure service and program effectiveness and consistency
· Technical knowledge of adversary Tactics, Techniques, and Procedures (TTPs)

· Experience with cloud service providers and their offerings, preferably AWS, and its various technologies and services
· Knowledge of system or security design approaches with experience driving engineering and architectures to deliver results
· BA/BS in Computer Science or related field


Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Pursuant to the Los Angeles Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.