Amazon Security Engineer Kuiper Enterprise Technology 

United States, Texas, Arlington 

382312571

Key job responsibilities• Understand and implements ISO 27001, NIST, and other security controls
• Understanding of threat modeling, manual source code review, security vulnerabilities, attacker exploit techniques, and methods for their remediation.
• Assisting certifications and assessments programs by liaising with Kuiper Security, auditors, and Kuiper service teams, articulating control implementation and impact, and documenting procedures
• Establishing credibility and maintaining strong working relationships with groups involved with Information Security and compliance teams (Kuiper Sec, Info Sec, Legal, Internal Audit, Physical Security, Developer Community, Networking, Systems, etc.)
• Identify automation opportunities while working across engineering teams
• Helps drive continuous improvements to the Kuiper compliance program, the program management process, and control implementation projects in coordination with the service teams and Kuiper Security
• Captures and tracks information security metrics and goals for all required controls
• Develop dashboards, canaries, and alarms for all automated controls
• Clearly communicating vision, deliverables, and project status to management and key technical and business stakeholders
• Delivers recommendations and risk interpretations in a clear, concise, and audience-specific format
Export Control Requirement
Due to the need to access certain federal controlled information, you must be a U.S. citizen for considerationA day in the life
This is a fast-paced, intellectually challenging position, and will work with leaders in multiple technology areas. Have relentlessly high standards for yourself and everyone you work with, and be constantly looking for ways to improve your product’s performance, quality and cost. We want individuals who are ready for this challenge and want to reach beyond what is possible today.

- DevOps - CDK or similar
- 3+ years of IT security audit, compliance and/or relevant Federal regulatory experience
- 3+ years of experience in performing technical audits/assessments in direct support of a major compliance effort (e.g., FedRAMP, ISO, FISMA, NIST 800 series frameworks)
- Understanding of threat modeling, manual source code review, security vulnerabilities, attacker exploit techniques, and methods for their remediation.
- Demonstrated understanding of cloud computing services/deployment architecture
- Deep technical background with experience in common IT infrastructure and services/applications