USA Jobs

Job Information

Amazon Web Services Security Technical Program Manager in Austin, Texas

Job Description

The Global AWS Hardware Infrastructure Security Team (HIST) is looking for an experienced Senior Security Technical Program Manager to define and drive the company-wide security strategy for internal hardware devices and fleet management technologies. Many teams inside AWS design hardware, but guiding their combined efforts and creating solutions at AWS scale requires an exceptional thought leader. The HIST organization exists to direct strategic investments across AWS that provide real risk mitigation AWS customers, and if you are a strong communicator with deep security experience, we look forward to talking to you!

Did you know that Amazon Web Services is in the semiconductor business? It’s true, and the incredible scale of AWS and the pace of our growth (+46% revenue year over year as of Q3 2018) would not be possible without our ongoing commitment to treating every day like it’s “still day one”. To deliver services at this scale, we have to be willing to embrace new strategies to meet our customer’s needs.

One of the most important things that enables us to continue to grow (and to support the extraordinary variety required across more than 165 distinct cloud services that we have today) is our investment in internal hardware design. AWS internally designs unique servers and network devices for the AWS fleet, and we are constantly adding to an already staggering array of other first-party hardware for internal use. We make everything from discrete components such as power supplies and storage devices, to full platform solutions for every conceivable customer purpose.

Do you know what “secure boot” is and how it works? Are you familiar with Intel and ARM security technologies? How about PCIe and SPI buses? BMC and IPMI? ROM and NAND? If you have experience with platform design, and related hardware and firmware security technologies, this role will allow you to define and drive the fundamental security baseline for everything that AWS is built on.

This is not an entry-level position. By applying your hard-earned years of practical program management expertise in projects related to hardware technologies and cloud security, you will literally determine company direction and shape the future of cloud computing.

The successful candidate must be comfortable individually driving cross-team efforts, and defining well-considered objectives and metrics to guide decision-making and affect change. You will provide crystal-clear vision and technical direction for diverse engineering and business leaders at all levels.

A Senior Security Technical Program Manager is expected to understand the systems in their program space, the limitations, scaling factors, boundary conditions, and reasons behind architectural decisions. They are expected to seek out and clearly communicate relevant data to support complex business decisions, and drive the right recommendations in a compelling and effective way. They create plans that have objective, measurable success criteria and clearly communicate progress and outcomes. They anticipate the gaps between teams, processes, and system architectures to help the organization produce the best possible results for our customers.

Core Responsibilities:

  • Gather knowledge, define projects, and coordinate execution across multiple global partner teams

  • Identify and produce appropriate security metrics, and continually assess them to improve over time

  • Apply security expertise in deeply technical discussions, keeping all stakeholders productively engaged

  • Directly represent our organization to business leaders and technical staff at all levels of the company

  • Prepare and present detailed, written technical information for internal and external audiences

  • Demonstrate exceptional judgment, integrity, business acumen, and communication skills

Basic Qualifications

  • BS in Computer Engineering, Information Security, or related field, or equivalent work experience

  • Minimum of 6 years of experience in Technical Program Management, with demonstrated experience producing technical requirements and driving hardware engineering projects from concept to delivery

  • Minimum of 4 years of experience in two or more of the following categories:

-- Product/Service definition (requirements and use cases for internal/external customer solutions)

-- Hardware security (UEFI, Secure Boot, TPM, TrustZone, SGX, bus and memory protection, etc)

-- Hardware design (JTAG, UART, SPI, ROM, NAND, ASIC/FPGA, Gerber files, tracing, soldering, etc)

  • Minimum of 4 years of experience in one or more of the following categories:

-- Security architecture and risk mitigation for enterprise networks or cloud hardware infrastructure

-- IoT and embedded platform design or related software service definition

-- Data center management (configuration, patching, remote administration, user permissions)

-- Data analytics (business intelligence, security metrics, data pipeline, scale, and performance)

  • Experience in security metrics definition, data analysis, and automated report generation

  • Demonstrated understanding of crypto basics (encryption, signing, certificates, AES, RSA, etc)

  • Demonstrated ability to prepare technical specifications and executive-ready communications

Preferred Qualifications

  • 10+ years of experience in two or more of the technical categories above

  • Publicly demonstrated written and verbal communication skills, and ability to drive toward consensus

  • Knowledge of common security-relevant protocols (e.g. SSH, TLS, DNS, DHCP, IPMI, SNMP)

  • Relevant industry certifications (CISSP, SANS/GIAC, CompTIA, Rapid7, Microsoft, Linux, Xipiter)

  • Experience using AWS core services (EC2, S3, IAM, Kinesis, Lambda, KMS, VPC, etc)

  • Experience designing for relevant security standards (TCG, NIST, FIPS, PCI, ISO 27000 series)

  • Experience with storage technologies (HDD/SSD, NAND, ROM, RAM, data remanence and recovery)

  • Experience leading cloud security risk management and operational business support programs

  • Experience with Windows, Linux, and hypervisor security (especially in cloud environments)

  • Spectacular track record of complex project delivery, effective organization, and executive maturity

  • Meets/exceeds Amazon’s leadership principles requirements for this role

  • Meets/exceeds Amazon’s functional/technical depth and complexity for this role

  • Meets/exceeds Amazon’s leadership principles requirements for this role

  • Meets/exceeds Amazon’s functional/technical depth and complexity for this role

Amazon is an Equal Opportunity Employer – Minority / Women / Disability / Veteran / Gender Identity / Sexual Orientation / Age


Share this job

Job ID785364

CompanyAmazon Web Services, Inc.

Position CategoryProject/Program/Product Management--Technical

Company/Location (search) : Country (Full Name)United States