Security Compliance Manager, AWS Security

Seattle, Washington, USA

Applications have closed

Amazon.com

Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...

View company page

Job summary
At Amazon Web Services (AWS), cloud security is our highest priority. The Security Compliance Manager will engage with contracts, legal, assurance, and engineering teams across Amazon to make sure we are meeting or exceeding customer commitments. The Security Compliance Manger will serve as the subject matter expert for internal security tools, partner with security assurance and engineering teams to continue to demonstrate the effectiveness of our control mechanisms to external customers, and inform requirements for new mechanisms to raise the bar for security.

Core responsibilities of the role include leading a small team of Industry Specialists to identify compliance and customer requirements and update existing narratives to explain our internal security control mechanisms. As we build new security mechanisms, you will inform compliance requirements for the tools and document test procedures and narratives to demonstrate their effectiveness. This position offers a unique opportunity to drive process improvement for security controls at scale and earn trust with global customers.

To be successful in this role, you will demonstrate cloud compliance expertise, earn trust with internal service teams, and obsess over gaining the trust of external customers. You will work with engineering, legal, and security assurance teams to identify opportunities to continue to improve AWS's security posture. You prioritize well, communicate clearly, and have a consistent track record of delivery. You understand how to earn trust while driving results that meet high standards.

This position is open in Arlington, VA or Herndon, VA.

Key job responsibilities
As a Security Compliance Manager, you will:
• Manage a small team of Industry Specialists to evaluate incoming compliance requests, identify control requirements, and document compliance narratives and test procedures for existing and new control mechanisms;
• Dive deep into the Amazon control environment to develop a technical understanding of internal security controls;
• Communicate external control requirements to internal engineering teams that are building new internal security tools to raise the bar for security;
• Identify opportunities to streamline processes for engineers to demonstrate control effectiveness;
• Inform audit interview and walk-through processes that provide a consistent approach and message to external customers; and
• Develop your team and have a vision for and commitment to their personal success.

About the team
Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
 
Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. Our senior members enjoy one-on-one mentoring. We care about your career growth as a passionate learner that is motivated to take on challenges.
 
Work/Life Balance
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well balanced life—both in and outside of work.

Basic Qualifications


• Bachelor's Degree in Computer Science, Accounting or Auditing, Information Systems Management, or other related fields
• 5+ years of experience managing and developing teams in technical, consulting, or auditing roles
• 5+ years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. FedRAMP, SOC1, SOC 2, HITRUST, or ISO)
• 5+ years of experience managing, analyzing and communicating results to senior management
• 5+ years of experience working cross functionally with tech and non-tech teams
• 5+ years of project management experience and demonstrated knowledge of program management best practices
• Excellent written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences

Preferred Qualifications

• Masters Degree in related field
• Demonstrated ability to define, influence, refine and implement processes, procedures, and policies
• Strong analytical and quantitative skills with the ability to use data and metrics to back up assumptions, evaluate outcomes, and challenge conventional wisdom
• Demonstrated experience leading a productive, high performing, and just work environment


Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Tags: Audits AWS Cloud Compliance Computer Science FedRAMP HITRUST SOC SOC 1 SOC 2

Perks/benefits: Career development Conferences Flex hours Team events

Region: North America
Country: United States
Job stats:  7  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.