3P Security Specialist II, Third Party Security

Job summary
At Amazon, we are obsessed with customer trust. Information Security enables Amazon business leaders to securely develop and operate to maintain Customer Trust by guarding the confidentiality and integrity of Amazon and customer data. We assess risk, classify data and systems, detect potential intrusion, and render useless the value of data that may be leaked.

The Third Party Security (TPS) team looking for a highly motivated Security Specialist II. TPS is responsible for assessing the security of third parties who get access to Amazon’s data, to determine if the third party meets Amazon’s security bar. The TPS team handles global third party security assessments for the Amazon Consumer Digital and Others (CDO) organization. If you enjoy working at scale in a rapidly changing environment and influencing the protection of our customers within a large global organization, this position will provide you with a challenging opportunity.

Key job responsibilities

• Acting as subject matter expert on risk-based security reviews and assessments at a high volume
• Collecting/reviewing data from multiple sources to assess a third party's security
• Building, evolving, and improving sustainable processes and measurement systems to ensure that security policy requirements are maintained
• Preparing reports for senior management on the state of vendor compliance
• Reviewing exceptions to Amazon policy and determining risk and impact
• Serving as an advisor on security & compliance issues for operations staff
• Maintaining a broad understanding of the global regulatory landscape impacting Amazon
• Advising project and legal teams on ensuring the required security terms are in contracts and participate in contract negotiations with sensitive external partners at a global level
• Determining strategy for highly sensitive and/or high profile assessments
• Maintaining metrics on global vendor security and compliance
• Ensuring the team delivers on security goals, and make recommendations for incremental process improvement
• Occasional travel may be required

Basic Qualifications

• 5+ years of relevant Information Security experience
• 2+ years of technical Risk Assessment experience
• Technical knowledge in at least one security domain such as engineering, system and network security, authentication, or security protocols

Preferred Qualifications

• CISSP, CISA, or related Information Security certification
• Consistent demonstration of utilizing automation to solve recurring problems at scale
• Ability to communicate effectively with both technical and non-technical stakeholders across multiple business units
• Excellent leadership, teamwork and collaboration skills
• Skilled in risk management, business risk analysis, and making complex business/risk trade-off recommendations and decisions
• Results-oriented, high energy, self-motivated
• Occasional travel may be required

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.