Security Consultant - HIPAA, AWS HIPAA Compliance Program

Job summary
The AWS Global Professional Services Security & Infrastructure team works with our largest enterprise customers to operationalize the shared responsibility model as they migrate to the cloud. Are you a Governance, Risk, and Compliance leader who can address the challenges of migrating systems and workloads to the cloud? Are you skilled at helping Healthcare & Life Sciences (HCLS) customers address their enterprise risk management and HCLS regulatory requirements using highly scalable computing architectures?
AWS offers a cloud platform with a global reach and we are looking for a passionate and experienced professional to help the expansion of the Professional Services HCLS Compliance Team and enforce healthcare regulatory compliance requirements. This role will help enable our customers in moving their workloads and regulated data into the cloud by addressing specific risk, regulatory, and compliance requirements. The ideal candidate should be an innovative security/compliance professional who has the ability to handle a wide range of compliance requirements, is willing to dive in to the details, can translate those requirements into scalable solutions, and is able to communicate at all levels within an organization.
Responsibilities include:

• Expertise – Lead teams that include Amazonians, partners, and customers to enhance healthcare regulatory compliance programs
• Solutions - Define and deliver innovative compliance and risk management approaches to customers that help the customer understand how to move sensitive workloads onto the cloud faster.
• Delivery – Engagements will require working to resolve security assurance questions and to understand how to manage risk and achieve compliance while operating in the AWS Cloud through deep dive discussions, strategic presentations/recommendations, and hands on demonstrations of automating compliance in the AWS environment.
• Insights - Work with AWS engineering, support and business teams to convey partner and customer feedback as input to AWS technology roadmaps.

Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have thirteen employee-led affinity groups, reaching 85,000 employees in over 190 chapters globally. We have innovative benefit offerings, and host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Work/Life Balance
Our team puts a high value on work-life harmony. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here. We are a customer-obsessed organization—leaders start with the customer and work backwards. They work vigorously to earn and keep customer trust. As such, this is a customer facing role in a hybrid delivery model. Project engagements include remote delivery methods and onsite engagement that will include travel to customer locations as needed.

Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional and enable them to take on more complex tasks in the future.



This is a customer facing role. You will be required to travel to client locations and deliver professional services when needed.

Basic Qualifications

• 10+ years experience in IT security, compliance and risk management, data privacy, or security controls
• 5+ years in IT security leadership role leading successful security initiatives
• Experience advising customers on architectures meeting industry standards such as HIPAA, HITRUST, ISO 27001, GDPR, and NIST/DoD frameworks
• Experience with enterprise risk management methods and techniques to drive successful outcomes in a global enterprise environment
• Bachelor's Degree in Computer Science, Information Systems Management, Information Security or equivalent experience required

Preferred Qualifications

• Experience in performing security assessments and information system audits of network, operating systems, application security, as well as auditing IT processes
• Clear understanding of Agile, CI/CD, DevOps approach and how they impact risk management and compliance
• Demonstrated ability to think strategically about business, product, and technical challenges
• Experience building enterprise governance, risk, and compliance programs or driving the program's evolution to meet new regulatory requirements
• Proven background in clearly writing complex technical documents that can be presented across a varied enterprise corporate audience
• CISSP, CISA, CISM, or HITRUST Practitioner certification is preferred


The pay for this position in Colorado starts at $153,550 (yr); however, base pay offered may vary depending on job-related knowledge, skills, and experience. A sign-on bonus and restricted stock units may be provided as part of the compensation package, in addition to a full range of medical, financial, and/or other benefits, dependent on the position offered. This information is provided per the Colorado Equal Pay Act. Base pay information is based on market location. Applicants should apply via Amazon's internal or external careers site.







Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Pursuant to the Los Angeles Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.