Sr. Industry Specialist, Afss Compliance

Amazon Amazon · Big Tech · Arlington, VA · Project/Program/Product Management--Non-Tech

This role focuses on applying AI and LLMs to automate compliance workflows within Amazon's Foundational Security Services (AFSS). The specialist will act as a subject matter expert, identifying manual processes and building AI agents and tooling to streamline evidence collection, control testing, and audit response, particularly in regulated government cloud environments. Experience with compliance in air-gapped regions and FedRAMP authorization is critical.

What you'd actually do

  1. Own and coordinate audit programs (SOX, FedRAMP, ISO, and US government regulatory frameworks) for Amazon Foundational Security Services
  2. Serve as the compliance subject matter expert for foundational security services, partnering with service teams to ensure audit readiness
  3. Identify manual compliance workflows and design AI-powered automation solutions to eliminate toil and improve accuracy
  4. Build and deploy AI agents and LLM-based tooling to streamline evidence collection, control testing, and audit response
  5. Support FedRAMP authorization and continuous monitoring for foundational security services in government cloud regions, including air-gapped (isolated) environments

Skills

Required

  • 5+ years of SOX and/or Audit engagements experience
  • Knowledge of security technology and concepts (Authentication, Authorization, Single sign-on, Cryptography, etc.)
  • Experience with automating and simplifying team development, test, and operations processes
  • Experience in regulatory compliance management with government agencies
  • Background in security engineering or security services

Nice to have

  • Bachelor's degree or equivalent in Information Security, Computer Science, Risk Management, Engineering, Math, Statistics, or a related discipline, or equivalent technology experience
  • Experience with Machine Learning and Large Language Model fundamentals, including architecture, training/inference lifecycles, and optimization of model execution, or experience building complex software systems that have been successfully delivered to customers
  • Experience architecting, securing, and operating Amazon Web Services
  • Experience mentoring or training the engineering community on complex technical issues
  • Hands-on experience automating compliance workflows using AI tooling (e.g., building AI agents, prompt engineering, RAG pipelines)

What the JD emphasized

  • AI-powered solutions to automate compliance workflows
  • building agents
  • leveraging large language models
  • eliminating manual processes
  • core expectation of the role from day one
  • familiarity with compliance in government cloud environments
  • air-gapped (isolated) cloud regions
  • FedRAMP authorization efforts
  • automating compliance testing and documentation
  • automated, scalable solutions
  • Hands-on experience automating compliance workflows using AI tooling

Other signals

  • AI-powered automation
  • building agents
  • leveraging large language models
  • automating compliance workflows
  • AI agents and LLM-based tooling