Amazon Leo is Amazon’s low Earth orbit satellite broadband network. Its mission is to deliver fast, reliable internet to customers and communities around the world, and we’ve designed the system with the capacity, flexibility, and performance to serve a wide range of customers, from individual households to schools, hospitals, businesses, government agencies, and other organizations operating in locations without reliable connectivity.

Export Control : This position requires that the candidate selected be a U.S. Citizen in order to comply with U.S. government-imposed requirements related to the nature of the work and/or where it will be performed.

We have a team culture that encourages ownership, diversity, inclusion, and innovation. You will have an opportunity to work across the entire Leo organization implementing and managing various controls along side Leo Security. Leo security owns policy and definition of controls, and this role owns the coordination, development, implementation, and change management of controls as well as managing defects and improvements.

• Key job responsibilities

• Design, implement, and maintain security controls for SCADA systems, industrial control systems (ICS), and other operational technology (OT) environments across manufacturing sites

• Conduct security assessments, vulnerability analyses, and risk evaluations of OT/ICS environments, including SCADA platforms, PLCs, HMIs, and historian systems

• Develop and enforce network segmentation strategies (e.g., Purdue Model, ISA/IEC 62443) to isolate OT environments from corporate IT networks

• Identify, triage, and remediate security vulnerabilities and misconfigurations in manufacturing control systems while minimizing operational disruption

• Collaborate with manufacturing engineering, operations, and IT teams to embed security best practices into OT system design, procurement, and lifecycle management

• Implement and manage security monitoring and anomaly detection capabilities for OT/ICS environments, including integration with SIEM and log aggregation pipelines

• Develop and maintain incident response playbooks and procedures specific to OT/ICS environments

• Support compliance efforts aligned with relevant frameworks including NIST SP 800-82, ISA/IEC 62443, CMMC, and NERC CIP (where applicable)

• Produce clear, accurate security documentation including threat models, network diagrams, compliance artifacts, and runbooks

About the team
The Amazon Leo Security Controls and Assurance team owns a variety of security fields for regulated productivity environments including security architecture, incident response, threat hunting, compliance, and security tool management.

Basic Qualifications

• Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics)
• 3+ years of scripting, programming, or security code review in a common language, such as Python, Java or C++ experience
• Knowledge of networking protocols such as HTTP, DNS and TCP/IP
• Knowledge of industry-based security vulnerabilities and remediation techniques
• Experience in troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship experience)
• Experience in IT Security

Preferred Qualifications

• 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
• Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
• Experience with AWS products and services

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.

USA, VA, Arlington - 159,300.00 - 202,400.00 USD annually
USA, WA, Bellevue - 159,300.00 - 202,400.00 USD annually