Security Engineer, Third Party Security

This position is available in Austin, Arlington, and Seattle.

The Third Party Security (TPS) team looking for a highly motivated Security Engineer. TPS is responsible for assessing the security of third party who get access to Amazon’s data, to determine if the third party meets Amazon’s security bar. The TPS team handles global third party security assessments for the Amazon Consumer Digital and Others (CDO) organization. If you enjoy working at scale in a rapidly changing environment and influencing the protection of our customers within a large global organization, this position will provide you with a challenging opportunity.

Key job responsibilities

• Acting as subject matter expert on risk-based security reviews and assessments at a high volume
• Collecting/reviewing data from multiple sources to assess a third party's security
• Building, evolving, and improving sustainable processes and measurement systems to ensure that security policy requirements are maintained
• Preparing reports for senior management on the state of vendor compliance
• Reviewing exceptions to Amazon policy and determining risk and impact
• Serving as an advisor on security & compliance issues for operations staff
• Maintaining a broad understanding of the global regulatory landscape impacting Amazon
• Advising project and legal teams on ensuring the required security terms are in contracts and participate in contract negotiations with sensitive external partners at a global level
• Determining strategy for highly sensitive and/or high profile assessments
• Maintaining metrics on global vendor security and compliance
• Ensuring the team delivers on security goals, and make recommendations for incremental process improvement
• Occasional travel may be required

Basic Qualifications

• 1+ years of relevant Information Security experience
• 1+ years of technical Risk Assessment experience
• Technical knowledge in at least one security domain such as engineering, system and network security, authentication, or security protocols

Preferred Qualifications

• CISSP, CISA, or related Information Security certification
• Consistent demonstration of utilizing automation to solve recurring problems at scale
• Ability to communicate effectively with both technical and non-technical stakeholders across multiple business units
• Excellent leadership, teamwork and collaboration skills
• Skilled in risk management, business risk analysis, and making complex business/risk trade-off recommendations and decisions
• Results-oriented, high energy, self-motivated

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.


Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $111,600/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. Applicants should apply via our internal or external career site.