Principal Security TPM, AGS Security Engineering

Amazon · Big Tech · NY +1 · Project/Program/Product Management--Technical

This role is for a Principal Technical Program Manager within AWS Global Sales (AGS) to establish and own security and governance frameworks for the AGS field organization. The role focuses on managing risk, ensuring compliance with AWS security standards, and enabling the field to build and innovate securely, especially in the context of generative AI and agentic architectures. It involves building programs for security reviewers, conducting training, measuring performance against standards, and defining the security roadmap for the field.

What you'd actually do

  1. Own the field's security and governance frameworks (customer builds, prototyping, public content), building on the AWS Security standards and codifying them into the steering docs, skills, MCPs, and agents the field builds with
  2. Grow the field's security reviewer community, recruiting, training, and accrediting reviewers and keeping their judgment calibrated as technology and threats evolve, so security judgment spreads and reviews stay consistent
  3. Own field security training on the responsibilities and frameworks the field operates within, partnering with security engineers and AWS Security on content and Field Enablement on delivery
  4. Measure AGS against AWS-wide security standards and run the business security review that gives leadership a regular, prioritized read on risk, partnering with leaders to close gaps and enabling leaders to run their own
  5. Partner with the business through post-incident follow-through, helping it articulate what happened, representing it to AWS Security leadership, and supporting it in closing the action items it owns

Skills

Required

  • Security and governance frameworks
  • Risk management
  • Program management
  • Cross-functional coordination
  • Technical program management
  • Security engineering principles
  • AWS security standards

Nice to have

  • Experience with generative AI and agentic architectures
  • Experience in regulated environments
  • Experience with compliance frameworks

What the JD emphasized

  • security and governance frameworks
  • risk
  • security standards
  • generative AI and agentic architectures
  • security reviewer community
  • security training
  • security exceptions and escalations