Leo is an initiative to launch a constellation of Low Earth Orbit satellites that will provide low-latency, high-speed broadband network connectivity to unserved and underserved communities around the world.

Have you wanted an opportunity to secure an advanced satellite broadband telecom environment? The Leo Security team owns the security of product and environment of Leo end-to-end. We provide the necessary infrastructure and mechanisms to ensure the security of our satellite constellation and to protect the integrity and confidentiality of our customer data. Our team drives the research & development, deployment and operation of several mission-critical security systems and mechanisms. You will work in a start-up like environment, backed by Amazon's infrastructure to bootstrap security mechanisms, and help instill the security culture in the organization.

Export Control Requirement

Due to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.

Key job responsibilities

* Creating, updating, and maintaining threat models for various components of the Leo Enterprise and Manufacturing

* Manual and Automated Secure Code Review in Java or other common languages

* Network and infrastructure assessments

* Development of scrappy security automation tools

* Security training and outreach for internal development teams

* Security architecture and design guidance

* Independently solve security problems that require novel methods or approaches

* Influence your team's and partners' process, priorities, and choices to improve outcomes

* And last but not least, you will hack some really cool bleeding edge tech!

A day in the life

In this highly dynamic role, you'll be accountable for deciding where your time investments provide the most value. You will have a blend of proactive and reactive work. Teams will reach out for ideas on how to handle a wide variety of security problems. You can anticipate implementation questions like

"What's the right way to handle authentication tokens in service to service communications?"

"We need to define security requirements for a confidential new product launch."

"We've experienced an incident and need to perform 5 why's analysis to identify and correct the problem that produced the incident."

When you're not working on responding to the questions of your builder teams, you will be evaluating overall org performance to identify architectural defects and proposing new security initiatives to correct problems in the org. You will help Amazon maintain a high bar for customer security.

BASIC QUALIFICATIONS

- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent

- Experience with web protocols, common security attacks, and remediation (non-internship)

- Experience solving basic problems by writing code or scripts with some assistance

- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security

- Knowledge of industry-based security vulnerabilities and remediation techniques

- Experience with one of the following programming languages: Python, Ruby, Node.js, C#, or C++

- Associate's degree in computer science or equivalent, or 2+ years of engineering experience

PREFERRED QUALIFICATIONS

- Experience with AWS services or other cloud offerings

- Experience in performing and/or participating in technical security assessments, e.g. code level and design level assessments

- Master's degree with a specialization in information security

- Strong analytical and quantitative skills with the ability to use data and metrics to back up assumptions and recommendations that produce results

- Familiarity with programming and scripting or experience developing security tools & processes that work at scale

- Experience triaging security risks/vulnerabilities and ensuring that they are properly understood by the business and fixed and/or mitigated.

- Hands-on experience with satellite communications and management software

- Experience with low-level programming and embedded systems

The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.

USA, WA, Redmond - 136,000.00 - 184,000.00 USD annually