Sr Mgr, Security Compliance Technical Assessments

Amazon.Com, Inc. Seattle , WA 98113

Posted 2 months ago

Are you interested in driving exceptional security for customers? Do you have a passion for cutting edge technologies and complex problem solving? Do you see security and compliance as a business enabler? Do you enjoy leading technical teams in search of innovative solutions? Amazon Web Services' (AWS) business continues to expand its global presence and customer facing services and we are looking for a highly motivated Security Assurance Technical Program Manager to lead our Security and Compliance Onboarding Team. As part of the AWS Security Assurance team (Risk & Compliance), this role leads a technical team building the bridges between security, technology, and compliance by working directly with all of our AWS service teams, infrastructure teams, security teams, and related Amazon corporate teams to dive deep and assess security implementation, partner with teams for solutions, and drive applicable remediation that prepares AWS services for formal compliance audits. This candidate should be a technically experienced and innovative security professional who has the ability to dive deep into a variety of complex architectures. The role will help drive and scale the onboarding program through innovative process changes across multiple organizations and teams engaging engineering and development teams up to senior leadership.

This candidate will draw upon exemplary program/project management, critical thinking, problem solving skills, and a passion for new challenges; additionally be creative, self-directed and a great team player. Candidates should drive continuous process improvement, and collaborate effectively with assertively cross-functional teams to solve problems and implement new solutions.

You will act as a leader who can prioritize well, communicate clearly, and have a consistent track record of delivery. You are proactive in removing roadblocks, pave the way for innovation, and can handle multiple competing priorities in a fast-paced environment. You will be a positive influencer across diverse teams, be able to effectively rally support for your initiatives and be able to help deeply technical teams create simple solutions to meet your program goals. You are able to handle business escalations with a data-driven approach.

Key Responsibilities

This position will be responsible for:

  • Hiring and developing a technical team - supporting them through escalation support and building scalable processes

  • Evaluating business processes to align AWS services to AWS controls and compliance programs

  • Supporting service impact assessments of existing and emerging compliance programs

  • Supporting process improvement and security implementation projects in coordination with the service teams

  • Driving leadership communications to service teams and stakeholders of onboarding requirements/status and service impact

  • Confirming readiness of services for audit and/or certification

  • Liaising between AWS Security Assurance Attestation program and AWS Service teams and managing stakeholder relationships

  • Developing a working knowledge of the operational processes and controls in place that support the AWS Compliance program and guiding control owners in documenting their control activities

  • Assisting with linking: standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, compliance policies, and risk management effectiveness

  • Innovation of mechanisms to better meet business processes and compliance requirements

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Consultant Risk And Audit Security Assessments ASR


Posted 2 days ago

VIEW JOBS 10/16/2019 12:00:00 AM 2020-01-14T00:00 Avanade is looking for passionate technologists who want to contribute to keeping our internal security technology on the bleeding edge. Constant opportunities for growth and learning have helped make Avanade one of the best places to work in IT and provide an excellent environment to build skills and experience that help launch exciting IT careers. The Information Security Risk and Audit team is looking for an adaptable team member to deliver high-visibility work a long term temporary project for the Security Assessment scope of our portfolio. This role would be a great fit for someone who is versed in systems security auditing and risk assessment. This position will involve aiding in continuing to mature our processes, validating security compliance, researching vulnerabilities and security risk, and reviewing security risk assessments. This position may also involve assisting in other information security documentation and regulatory compliance project efforts. Key Responsibilities * Execute and support Security Risk Assessments over solutions and initiatives that impact the organization. * Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards. * Identify and evaluate complex technology risks, controls which mitigate them and related opportunities for control improvement. * Understand complicated business and information technology management processes. * Facilitate the use of technology-based security testing tools or methodologies, synthesize results and make recommendations for technical remediation. * Use the organization's risk management framework to effectively negotiate risk levels for issues related to control weaknesses and other vulnerabilities. Skills/ Knowledge * Strong knowledge of security risk assessments processes. * Strong knowledge of cloud technologies (e.g., IaaS, SaaS, PaaS, Public, Private, and Hybrid) with an emphasis on Microsoft Technologies and Azure. * Collaborate with individuals and groups to achieve maximum results. Use collaboration tools (e.g., Teams, SharePoint, Outlook) effectively to support the security risk assessment process. * Strong ability to work with teams both on shore and off shore. * Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change. * Three or more years in system security, controls or information management experience. * Familiarity with security industry standards (e.g., ISO 27001/2, ISO 27017/18/2, and NIST 800 series). * Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing. * Familiar with regulatory (e.g., HIPAA, GDPR, GLBA, and SOX) and standards-body based requirements (e.g., PCI) for protecting information. * Can implement security improvements by assessing current situation, evaluating trends and anticipating requirements. * Highly motivated and organized with excellent time management and problem-solving skills. * Demonstrated ability to write business and technical reports and participate in presentations. * Influencing experience at senior levels within an organization. * Excellent verbal and written communication skills. * Proficiency in Microsoft Office technologies. * Industry experiences in high-tech preferred. Experience * A minimum of three years of experience in Information Security with SANS, CISA, CRISC, CISM and/or CISSP accreditations. * Education * Bachelor's degree in Information Technology or Business Administration or a related discipline, or equivalent work experience. * A minimum of three years of experience in Information Security with SANS, CISA, CISM and/or CISSP accreditations. Avanade Seattle WA

Sr Mgr, Security Compliance Technical Assessments

Amazon.Com, Inc.