|Category||Project/Program/Product Management--Technical||Job type||Full Time|
|Country||United States of America|
At Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for demonstrating the security controls of services offered by AWS. At AWS' scale, we continuously invent new ways to provide the highest level of assurance to our most security conscious customers. Are you interested in driving exceptional security for customers? Do you have a passion for cutting-edge technologies? Do you see compliance as a business enabler?
Amazon Web Services (AWS) is rapidly expanding its global presence and we are looking for a highly motivated customer audit manager to join our team. As part of the team, you will work with customers and regulators to demonstrate AWS' security controls applicable to local requirements. You will join our team in helping customers understand how our infrastructure is designed, operated, maintained, and protected in accordance with global regulated industry standards.
The successful candidate is one who loves working across many stakeholders, including internal and external customers, to design solutions for complex compliance challenges. You are passionate about the security of the cloud and you want to solve real business problems. We have a team culture that encourages ownership, diversity, inclusion, and innovation. We expect team members and management alike to take a high degree of ownership for their program vision and execution of ideas. We expect this person to balance their unique perspective with those of the diverse perspectives of the team and its stakeholders. You will have an opportunity to work directly with senior leadership within AWS to improve AWS' ability to demonstrate assurance for regulated customers.
You should be a technically experienced and innovative security, compliance, and audit professional who has the ability to understand IT processes, communicate clearly and transparently with customers, and to be able to drive innovative process changes through multiple organizations and teams.
In this role, you will be responsible for the following activities:
• Dive deep into the AWS control environment to develop broad domain and technical understanding of AWS security activities and control implementations to articulate compliance implications to both customers and internal/external audit functions.
• Develop understanding of regulated industry compliance requirements and communicate how AWS control activities meet global regulatory obligations.
• Liaise with customers, regulators and auditors, articulate control implementation, and describe considerations for applying security and compliance concepts to a technical cloud environment.
• Operate a rhythm of the business for managing changes to the control environment and in the preparation of audits; guide control owners in documenting their own control activities and confirm readiness of controls for audit.
• Monitor, evaluate, and continuously improve the organization by being a trusted advisor, facilitator and creative problem solver.
• Implement continuous improvements to the security organization and the program management process. Share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
• Apply a working knowledge of global information security regulation and policy to articulate customer and control impact and drive alignment to AWS controls.
This role may be filled at an AWS location in Arlington VA, New York City NY, or Seattle WA.
Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon's culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we're building an environment that celebrates knowledge sharing and mentorship.
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren't focused on how many hours you spend at work or online. Instead, we're happy to offer a flexible schedule so you can have a more productive and well balanced life-both in and outside of work.
• Bachelor's Degree in Computer Science, Information Systems Management or other related fields.
• 10+ years of experience in performing and/or participating in IT audit assessments of highly technical environments.
• 10+ years working in highly regulated industries (e.g. financial services, healthcare, and energy, telecommunications), including direct work with regulatory audits.
• IT audit and/or security consulting experience with a Big Four (or similar) organization.
• 1 or more industry-recognized security, cloud, or audit professional certifications (e.g., CISA, CISM, CISSP, CCSP, AWS Cloud Security Practitioner)
• 5+ years of IT security experience in support of a highly technical environment.
• Working knowledge of global IT regulations and supporting audit standards and frameworks (e.g., FFIEC CSF, NIST 800-53, ISO 27002, PCI DSS, SOC 1&2).
• Clear understanding and experience evaluating the design and operating effectiveness of IT controls. Experience working directly with external/customer auditors for these types of assessments.
• Business-level fluency in Spanish or German is a plus.
• Meets/exceeds Amazon's leadership principles requirements for this role
• Meets/exceeds Amazon's functional/technical depth and complexity for this role
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, visit https://www.amazon.jobs/en/disability/us