Senior Manager, Vulnerability Management - InfoSec
Austin, Texas, USA
Amazon’s Information Security team is a customer-focused organization that strives to provide excellent customer service to both internal and external customers while meeting its number one priority: preserving customer trust.
We're looking for a highly technical manager for the Vulnerability Management team, focused on programmatically managing risk within Amazon and its subsidiaries. If you enjoy working in a rapidly changing environment and influencing the strategic direction of a large global organization, this position will provide you with a challenging opportunity.
Key tasks include:
· Establishes credibility and maintains strong working relationships with groups involved with information security matters (Legal, Business Development, Internal Audit, Fraud, Physical Security, Developer Community, Networking, Systems, etc.)
· Responsible for building information security as a core competency throughout our relationships with our internal teams/partners/vendor; this includes providing education and training to the organization.
· Integrates information security into organizational IT processes and business development.
· Provides support and implementation for Vulnerability Management projects.
· Establishes metrics and regular reporting mechanisms for measuring compliance and performance of Vulnerability Management projects.
· Works proactively with business teams to ensure compliance objectives are met.
· Responsible for continual process improvement and innovation in assessment process, policies and procedures enabling the Vulnerability Management team to be on time, on budget, and on quality.
· Evaluates complex business and technical requirements, and translates those into meaningful project elements.
· Strategically carve complex program elements into meaningful projects
· Delivers findings, recommendations and remediation steps for all activities
· 5+ years experience directly managing and developing high performance security teams
· 5+ years of hands-on experience of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques OR security controls and processes such as passive network monitoring, endpoint detection and response, incident response, vulnerability management
· Strong information security risk-based prioritization abilities
· Excellent verbal and written communication skills,
· BA/BS in computer science, information security, related discipline, or equivalent work experience
· Experience with vulnerability scanning solutions and vulnerability management.
· Knowledge in security engineering, system and network security, security protocols, cryptography, and application security.
Preferred Qualifications· Experience working with and managing teams across multiple locations
· Experience architecting/operating/securing Amazon Web Service
· Information security professional certifications encouraged (SANS GIAC, CISSP etc.)
· Expereince with how to incorporate threat risk, costs, technology, business, and industry context into security solutions.
· Strong track record of inventing, evolving, improving and simplifying security solutions.
Job tags: CISSP Cryptography GIAC Incident response Network security SANS Vulnerability management