The Global Services, Security (GSS) team, a part of Amazon Web Services, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world’s workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar‑raising security outcomes and investment in security mechanisms and automation on behalf of our customers.
The AWS Security Assurance Services (AWS SAS) team works with our largest enterprise customers to address their security and compliance requirements using cloud‑native technology, while adopting scalable security and risk control measures across their infrastructure. At AWS SAS, we are hiring technical security experts with a background in security assessments to lead a variety of customer‑focused engagements that include architecture and compliance guidance. This role will specialize in assessments and advisory work for well‑known security frameworks, standards and regulations as well as risk‑management methodologies.
Key Job Responsibilities
* Lead teams to help partners and customers understand the opportunities for cloud technology to handle security and compliance requirements in key market verticals and regulated industries, such as financial services, healthcare, life sciences, and energy.
* Scope and lead on‑site engagements with partners and customers, including pre‑sales on‑site visits, understanding customer security and compliance requirements, and proposing and delivering packaged offerings or custom solution engagements.
* Deliver short on‑site projects leading to architecture or compliance roadmaps, architecture guidance, gap assessments, and assessments and reporting on various aspects of a customer’s security and compliance posture.
* Collaborate with AWS engineering, support and business teams to convey partner and customer feedback as input to AWS technology roadmaps.
Required Qualifications
* 8+ years of experience in an internal or external IT security audit or compliance assessment role.
* Candidate must possess at least one of the following security certifications: CISSP, CISM, PCI‑QSA, or Certified ISO 27001 Lead Implementer.
* 8+ years of experience assessing/auditing customers on meeting PCI DSS, ISO 27001, HIPAA, HITRUST, FedRAMP, GDPR, FISMA or NIST/DoD standards.
* Bachelor’s degree in Computer Science, Information Systems Management, Information Security, Business or equivalent experience.
Preferred Qualifications
* Experience building common compliance framework controls as well as mapping between different compliance requirements.
* Experience automating assessments in enterprise or cloud environments.
* Experience assessing security controls for enterprise applications.
* Demonstrated breadth of security expertise in various subdomains such as encryption, identity, and incident response.
* Hands‑on technical expertise in technology automation, implementation, integration, and/or deployment.
* Demonstrated ability to think strategically about business, product, and technical challenges.
* Experience with risk assessment methodologies and risk reporting for executive leadership.
* Proven background in clearly writing complex technical documents that can be presented across a varied enterprise corporate audience.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.