Wireless Security Specialist, AWS Security - SPEAR

Job summary
Amazon Web Services Security Team team is hiring a Security Engineer (SE) who is motivated to rapidly mitigate wireless security risks, identify wireless vulnerabilities, and continuously improve processes. A thorough understanding of Information Security and a proficiency in prioritization techniques to manage competing workloads is essential. A successful candidate also embodies our 16 leadership principles; especially strong in Bias for Action, Earns Trust, and Ownership.

The wireless security vulnerability assessor will work with security leaders and AWS cross functional teams to methodically ensure adherence to standards and best practices while evaluating wireless security risks to AWS Data Centers. The role will participate in communications, generate and manage trouble tickets (i.e. security findings), interact with wireless security systems and wireless security owners in order to mitigate/remediate wireless security risks that impact AWS data, operations, and/or reputation.

The AWS Wireless Security Evaluations team identifies wireless security vulnerabilities, leverages and builds evaluation tools and systems across AWS Security to identify trends, query databases, analyze logs (e.g pcap/syslog), and detect anomalies that require mitigation and remediation efforts. Moreover, as Wireless Security Evaluations continues to grow, the role will act as a mentor to junior employees.

The successful candidate should have a record of accomplishment within the wireless security domain, possess excellent verbal and written communication skills, be able to analyze data from disparate sources, and demonstrate sound judgment while under pressure. They need to be successful at multitasking, be self-motivated, and use discretion when dealing with sensitive information. They should also be able to rapidly learn new technologies, consider multiple solutions to problems, and show high levels of judgement when determining risk and impact of security events. An ideal candidate will have a thorough understanding of wireless security problems/risks as context for decision making when taking ownership to solve problems.

The role requires up to 50% travel both within the United States and outside the United States.

Responsibilities:
· Independently works and supports wireless evaluation campaign findings, researches/recommends mitigations, and analyzes potential wireless security vulnerabilities from a variety of sources to identify patterns and trends.
· Produce evaluations reports, briefs, and white papers for senior leadership, internal departments, and stakeholders regarding vulnerabilities, security concerns, and operations gaps as they affect AWS data, operations, and/or reputation.
· Perform wireless security reviews to identify security issues and risks, and develop remediation plans.
· Consults closely with the other Amazon security and service teams on issues related to AWS security posture.
· Interface with technical teams, stakeholders and leadership teams to translate security risk mitigation plans into actionable items to mitigate risk.

Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Work/Life Balance
Our team puts a high value on work-life balance. It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life-long happiness and fulfillment. We offer flexibility in working hours and encourage you to find your own balance between your work and personal lives.

Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional and enable them to take on more complex tasks in the future.

**This role is open to alternative locations including: New York, NY – Boston, MA – Seattle, WA - Vancouver, BC Canada - Herndon, VA – Arlington, VA – Baltimore, MD – San Luis Obispo, CA – San Diego, CA

Key job responsibilities
The Security Engineer will be responsible for identifying wireless-related vulnerabilities at AWS facilities through expert judgement and knowledge. They need to understand wireless-related security controls and wireless systems in order to generate solid identification of vulnerabilities or risks. A solid understanding of Wi-Fi (802.11xx), Bluetooth, Zigbee, Software-Defined Radios, RF channels, Cellular (CDMA, GSM, LTE, 5G) is necessary in order to understand the wireless operating environment and identify known/unknown security issues. The security engineer will also be responsible for ad-hoc penetration testing, be part of a broader security picture, thrive in an ambiguous scope, and constantly engage with customers.

A day in the life
The Security Engineer's primary scope will be to conduct wireless vulnerability assessments at select AWS facilities. The security engineer will either do these remotely or in-person, traveling to AWS facilities across the globe. They will work with their fellow security engineers to conduct vulnerability assessments, constantly reinventing and re-imagining vulnerability assessments and how they can better serve customers. The security engineer will also be part of a larger vulnerability assessment team whose mission is to validate security effectiveness at AWS facilities globally. The security engineer's work will generate conversations and change to make our customer's data more secure every day.

About the team
The AWS Wireless Security Evaluations team conducts wireless vulnerability assessments of AWS facilities, technologies, and services. We are part of a larger vulnerability assessment team that identifies vulnerabilities in other security domains. We are a global team security team with personnel stretched across at least 8 different countries. We care deeply about the security of our customer's data and are always looking around the corner for them as the defacto security fiduciaries.

Basic Qualifications

· Bachelor’s Degree in Information Security, Networking, Computer Science, Information Technology, related field(s), or 5+ relevant experience.
· 3+ years of experience with security engineering, penetration testing, or wireless network engineering
· 3+ years of experience with an enterprise wide wireless security program
· 3+ years experience working in vulnerability identification in the following domains: Wi-Fi, Bluetooth, and Zigbee
· 1+ years of experience working with Software-Defined Radios
· 3+ years of experience demonstrating high-level customer service skills
· 3+ years of experience working in fast paced environments, and ability manage workload even during times of stress or escalated activity
· 3+ years of working with scripting languages, such as Bash, PowerShell, Python, and/or shell scripts
· 1+ year(s) of experience with AWS products and services or similar
· 1+ year(s) of experience with cross-organization collaboration
· Knowledge/experience working with a Wireless Intrusion Detection/Prevention Systems (WIDs/WIPs)

Preferred Qualifications

· Master’s Degree in Information Security, Networking, Computer Science, Information Technology, related field(s), or 7+ relevant experience.
· Strong communications clear and concise (both written and verbal, presentation and interpersonal skills)
· Knowledge of wireless security remediation techniques
· Must be self-motivated and have the ability to work independently or collaboratively with a team, and multi-task effectively
· U.S. Citizen
· 5+ years of experience with security engineering or wireless network engineering
· 5+ years of experience with an enterprise wide security program.
· 5+ years of experience demonstrating high-level customer service skills
· 5+ years of experience working in fast paced environments, and ability manage workload even during times of stress or escalated activity
· 5+ years of working with scripting languages, such as Bash, Python, and/or shell scripts
· 3+ year(s) of experience with AWS products and services.
· 5+ year(s) of experience with cross-organization collaboration
· 3+ years of cellular-related vulnerability identification and associated remediation paths
· 1+ years experience in fulfilling duties on a Technical Surveillance Countermeasures (TSCM) team/program or formalized TSCM training
· Demonstrated ability to influence others to apply skills and techniques to solve dynamic problems.
· 3+ years knowledge of security technology, risk assessment methodologies, policies, and processes.
· Meets/exceeds Amazon’s leadership principles requirements for this role
· Meets/exceeds Amazon’s functional/technical depth and complexity for this role




Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.