Cybersecurity Supply Chain Mgr, Supply Chain Intellectual Property Security
Amazon
Full-time
On-site
Seattle, Washington, United States
$107,400 - $229,700 USD yearly
Cybersecurity
Overview: We're seeking a Security Supply Chain Assessor to help protect Amazon's global supply chain through comprehensive security assessments and risk management. This role requires international travel (up to 75%) across APAC, North America, and South America Regions.
The Cybersecurity Supply Chain Assessor plays a critical role in evaluating and strengthening the security posture of third-party manufacturing and supplier partners across the global supply chain. This position involves conducting on-site cybersecurity assessments of supplier facilities, verifying adherence to corporate and industry security standards, and identifying risks related to data protection, software provisioning, and hardware production environments.
The ideal candidate will have deep technical expertise in cybersecurity controls, a strong understanding of manufacturing and supplier ecosystems, and the ability to collaborate cross-functionally with internal and external stakeholders across multiple time zones and regions.
Key job responsibilities
Conduct on-site cybersecurity assessments of suppliers and contract manufacturers across APAC, North America, and South America.
Evaluate supplier environments against company and industry security standards (e.g., ISO 27001, NIST 800-171, and internal security frameworks).
Assess security domains including but not limited to:
o Network segmentation and access control
o Data encryption and protection mechanisms
o Endpoint and server security
o Secure software provisioning and storage
o Incident response and monitoring practices
o Physical and environmental security controls
Document findings, develop risk ratings, and provide actionable remediation guidance to suppliers.
Partner with internal security, compliance, and supply chain teams to ensure continuous improvement of supplier risk management programs.
Track, monitor, and verify closure of remediation actions through follow-up assessments or evidence reviews.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
- Bachelor's degree or above in Cybersecurity, Information Security, or a related field
- 5+ years of experience in cybersecurity assessments, audits, or supplier security evaluations.
- Experience performing on-site assessments or audits in manufacturing, hardware, or software supply chain environments.
- Strong knowledge of security frameworks (ISO 27001, NIST CSF, or similar).
- Demonstrated ability to communicate complex security concepts to both technical and non-technical audiences.
- Excellent analytical, documentation, and reporting skills.
- Experience working with or assessing suppliers in regulated industries (e.g., electronics manufacturing, cloud hardware, or software supply chain).
- Understanding of software and firmware provisioning security practices.
- Experience with risk management tools and assessment automation platforms.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $107,400/year in our lowest geographic market up to $229,700/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.
The Cybersecurity Supply Chain Assessor plays a critical role in evaluating and strengthening the security posture of third-party manufacturing and supplier partners across the global supply chain. This position involves conducting on-site cybersecurity assessments of supplier facilities, verifying adherence to corporate and industry security standards, and identifying risks related to data protection, software provisioning, and hardware production environments.
The ideal candidate will have deep technical expertise in cybersecurity controls, a strong understanding of manufacturing and supplier ecosystems, and the ability to collaborate cross-functionally with internal and external stakeholders across multiple time zones and regions.
Key job responsibilities
Conduct on-site cybersecurity assessments of suppliers and contract manufacturers across APAC, North America, and South America.
Evaluate supplier environments against company and industry security standards (e.g., ISO 27001, NIST 800-171, and internal security frameworks).
Assess security domains including but not limited to:
o Network segmentation and access control
o Data encryption and protection mechanisms
o Endpoint and server security
o Secure software provisioning and storage
o Incident response and monitoring practices
o Physical and environmental security controls
Document findings, develop risk ratings, and provide actionable remediation guidance to suppliers.
Partner with internal security, compliance, and supply chain teams to ensure continuous improvement of supplier risk management programs.
Track, monitor, and verify closure of remediation actions through follow-up assessments or evidence reviews.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
- Bachelor's degree or above in Cybersecurity, Information Security, or a related field
- 5+ years of experience in cybersecurity assessments, audits, or supplier security evaluations.
- Experience performing on-site assessments or audits in manufacturing, hardware, or software supply chain environments.
- Strong knowledge of security frameworks (ISO 27001, NIST CSF, or similar).
- Demonstrated ability to communicate complex security concepts to both technical and non-technical audiences.
- Excellent analytical, documentation, and reporting skills.
- Experience working with or assessing suppliers in regulated industries (e.g., electronics manufacturing, cloud hardware, or software supply chain).
- Understanding of software and firmware provisioning security practices.
- Experience with risk management tools and assessment automation platforms.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $107,400/year in our lowest geographic market up to $229,700/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.