The Global Services, Security (GSS) team, a part of Amazon Web Services, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world’s workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar raising security outcomes and investment in security mechanisms and automation on behalf of our customers. The AWS Security Assurance Services (AWS SAS) team works with our largest enterprise customers to address their security and compliance requirements using cloud native technology, while adopting scalable security and risk control measures across their infrastructure. Are you excited by the possibility of using automation and event driven computing to achieve continuous compliance? Do you want to dive deeper into cloud technology, while redefining traditional security measures? Are you interested in applying your assessment and advisory skills to workloads that use emerging technologies in new and interesting ways? At AWS SAS, we are hiring technical security experts with a background in security assessments to lead a variety of customer focused engagements that include architecture and compliance guidance. You will also work with industry and standards bodies to further the creation of security guidance that leverages the advantages of cloud technology. This role will specialize in assessments and advisory work for well-known security frameworks, standards and regulations as well as risk management methodologies. This is a customer facing role where success is measured by developing a high performing team of consultants who help enable our customers in moving their workloads and regulated data into the cloud by addressing specific risk, regulatory, and compliance requirements. You will be expected to also work in a Business Development capacity, assisting our AWS sellers to position the value and applicability of your team into customer projects and long-term relationships. We are looking for an innovative security and compliance leader who enjoys establishing strategy and then drives consensus across the team to achieve a vision.
Key job responsibilities
- Expertise - Lead teams to help partners and customers understand the opportunities for cloud technology to handle security and compliance requirements in key market verticals and regulated industries, such as financial services, healthcare, life sciences, and energy.
- Solutions – Scope and lead on-site engagements with partners and customers. This includes leading pre-sales on-site visits, understanding customer security and compliance requirements, and proposing and delivering packaged offerings or custom solution engagements.
- Delivery - Engagements include short on-site projects leading to architecture or compliance roadmaps, architecture guidance, gap assessments, etc. Engagements will include assessments and reporting on various aspects of a customer's security and compliance posture.
- Insights - Collaborate with AWS engineering, support and business teams to convey partner and customer feedback as input to AWS technology roadmaps.
About the team AWS Global Services includes experts from across AWS who help our customers design, build, operate, and secure their cloud environments. Customers innovate with AWS Professional Services, upskill with AWS Training and Certification, optimize with AWS Support and Managed Services, and meet objectives with AWS Security Assurance Services. Our expertise and emerging technologies include AWS Partners, AWS Sovereign Cloud, AWS International Product, and the Generative AI Innovation Center. You’ll join a diverse team of technical experts in dozens of countries who help customers achieve more with the AWS cloud.
Basic Qualifications
- 8+ years of experience in an internal or external IT security audit or compliance assessment role.
- Candidate must possess at least one of the following security certifications CISSP, CISM, PCI-QSA certifications, or Certified ISO27001 Lead Implementer
- 8+ years of experience assessing/auditing customers on meeting PCI DSS, ISO 27001, HIPAA, HITRUST, FedRAMP, GDPR, FISMA or NIST/DoD standards.
- Bachelor’s degree in Computer Science, Information Systems Management, Information Security, Business or equivalent experience.
Preferred Qualifications
- Experience building common compliance framework controls as well as mapping between different compliance requirements
- Experience automating assessments in enterprise or cloud environments
- Experience assessing security controls for enterprise applications.
- Demonstrated breadth of security expertise in various sub domains such as encryption, identity, incident response, etc.
- Hands-on technical expertise in technology automation, implementation, integration, and/or deployment
- Demonstrated ability to think strategically about business, product, and technical challenges
- Experience with risk assessment methodologies and risk reporting for executive leadership
- Proven background in clearly writing complex technical documents that can be presented across a varied enterprise corporate audience
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.