Information Security, Security Assessor

US-WA-Seattle
2 months ago
Job ID
429090
Amazon Corporate LLC
Position Category
Project/Program/Product Management--Technical
Recruiting Team
North American Teams - Consumer - Sellers Plus

Job Description

Amazon.com is looking for a technical program manager focused on managing the state of technical security controls, application process controls and testing methodologies within Amazon. If you enjoy working in a rapidly changing environment and influencing the strategic direction of a large global organization, this position will provide you with a challenging opportunity.

You will be creating a program to define, document and continuously test security controls in a highly complex environment. This hands-on position includes consulting with internal project and development teams to enhance the overall organization’s security posture, while also owning the response for compliance and audit issues.

Key responsibilities include:
  • Establishes credibility and maintains strong working relationships with groups involved with information security and compliance matters (InfoSec, Legal, Business Development, Internal Audit, Fraud, Physical Security, Developer Community, Networking, Systems, etc.).
  • Responsible for building and influencing security as a core competency throughout our relationships with our internal teams/partners/vendor; this includes providing education and training to the organization.
  • Responsible for continual process improvement and innovation in assessment process, process and control documentation, enabling business teams to be on time, on budget, and on quality.
  • Delivers findings, recommendations and remediation steps for all activities, in a clear, concise and audience-specific format
  • Responsible for conducting internal investigations and assessments.
  • Support ad-hoc data analysis requests.
  • Analysis of historical data to identify trends and insights.

Basic Qualifications

  • Bachelor’s degree in Management Information Systems, Computer Science or relevant field, Masters Degree preferred.
  • Minimum 4-years of information security, assessments, audit, risk management or related client service or consulting experience.
  • Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
  • Technical knowledge in at least one security domain such as engineering, system and network security, authentication or security protocols.
  • Experience in analyzing large data sets.

Preferred Qualifications

  • Related security control and compliance experience in conducting, executing and managing fieldwork for assessments: PCI DSS ISO, NIST, COBIT, COSO, GLBA
  • CISSP, CISA, CISM and/or other comparable security controls or audit certifications preferred.
  • Experience with service-oriented architectures and web services security.
  • Senior-level written and verbal communication skills.
  • Excellent leadership, teamwork and collaboration skills.
  • Have experience in generating automated metrics to measure information security control effectiveness and consistency.
  • Results oriented, high energy, self-motivated.
  • Occasional domestic or international travel may be required.
Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed