Amazon.com is looking for a regional risk manager focused on driving security compliance. This role will provide advisory guidance to new and existing businesses at Amazon, and will regularly conduct deep dives into critical security risk areas. If you enjoy working in a rapidly changing environment and influencing the strategic direction of a large global organization, this position will provide you with a challenging opportunity. You will be responsible for driving consensus across teams to define and influence the secure and compliant design of compliant systems worldwide. Key tasks include: · Establishes credibility and maintains strong working relationships with groups involved with security and compliance matters (InfoSec, Legal, Business Development, Internal Audit, Fraud, Physical Security, Developer Community, Networking, Systems, etc.). · Responsible for building and influencing security compliance as a core competency throughout our relationships with our internal teams/partners/vendor; this includes providing education and training to the organization. · Responsible for continual process improvement and innovation in the security assessment process, control documentation, and enabling business teams to be on time, on budget, and on quality. · Delivers recommendations and risk interpretations in a clear, concise and audience-specific format · Responsible for conducting internal risk investigations and assessments. · Support ad-hoc data analysis requests. · Analysis of historical data to identify trends and insights.
· Bachelors degree in Management Information Systems, Computer Science or relevant field, Masters Degree preferred. · Minimum 6-years of information security, compliance, audit, risk management or related client service or consulting experience. · Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions. · Technical knowledge and familiarity with relevant security compliance standards. · Experience in analyzing large data sets. · Fluency in French.
· Related security control and compliance experience in various frameworks including: PCI DSS, PCI, PSD2, GLBA, ISO, NIST, etc. · CISSP, CISA, CISM and/or other comparable security controls or audit certifications preferred. · Experience with service-oriented architectures and web services security. · Senior-level written and verbal communication skills. · Excellent leadership, teamwork and collaboration skills. · Results oriented, high energy, self-motivated. · Occasional travel may be required.