At Amazon Devices & Services, we imagine the future, and then create it. Join brilliant minds to build new categories of technology that become part of everyone's everyday life. Together, we create connected experiences and transform lives, communities, and the world with our work.
The Compliance & Certification team are looking for a graduate cybersecurity professional to work with many of Amazon's world renowned devices and services (such as Ring, Blink, etc.) by supporting secure infrastructure, network security, automation, compliance, and operational monitoring. This role is ideal for someone with hands-on Linux experience, practical lab projects, scripting ability, and academic knowledge of cybersecurity, digital forensics, incident response, ethical hacking, and security governance.
You will help configure and monitor embedded systems, virtual machines, containers, firewalls, DNS filtering tools, and security services. You will also assist with automation using Python and Bash, investigate basic security events, support secure networking, and contribute to technical documentation, evidence collection, and internal knowledge sharing.
Key job responsibilities
- Maintain accurate technical documentation for security controls, infrastructure configurations, operational processes, and compliance evidence
- Map technical security controls to internal policies, standards, and compliance requirements
- Support audit preparation by gathering evidence, validating documentation, and helping respond to audit-related requests
- Track security findings, remediation actions, and control gaps through to completion
- Ensure infrastructure changes follow approved security, compliance, and change management requirements
- Support secure infrastructure operations across Linux systems, virtual machines, containers, firewalls, DNS filtering tools, and security services
- Assist with network security monitoring, basic event investigation, and operational security checks
- Contribute to automation activities using scripting tools such as Python and Bash to improve monitoring, reporting, and repeatable operational tasks
- Work with technical teams to document risks, security impacts, and required remediation steps.
- Translate technical security concepts into clear guidance for both technical and non-technical stakeholders
- Support internal knowledge sharing by documenting procedures, lessons learned, and technical findings
- Work across cybersecurity, infrastructure operations, and compliance activities in a structured enterprise environment
A day in the life
A typical week may include reviewing technical evidence for security controls, supporting audit requests, mapping infrastructure controls to internal policies or security frameworks, tracking remediation actions, reviewing change records for compliance impact, or helping teams document how their systems meet security requirements. The work requires attention to detail, strong communication, and the ability to translate technical information into clear compliance evidence.
About the team
You will join a cybersecurity compliance team focused on helping the organisation meet its security, regulatory, and audit obligations while enabling secure technology operations. The team works at the intersection of cybersecurity, governance, risk management, infrastructure, and internal control assurance.
Our mission is to make cybersecurity compliance clear, evidence-based, and practical. We help ensure that security controls are properly defined, implemented, documented, tested, and continuously improved. The team supports audit readiness, control mapping, remediation tracking, policy alignment, and security governance across enterprise systems and technology processes.
This is a strong environment for someone early in their cybersecurity career who wants to build experience in governance, risk, and compliance (GRC) while staying close to technical security. The role offers exposure to security frameworks, audit preparation, technical control validation, evidence collection, risk remediation, policy compliance, and enterprise security processes.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.