TPM, Information Security Advisory, AWS

• 7+ years of experience working directly with engineering teams
• Experience managing projects across cross functional teams, building sustainable processes and coordinating release schedules
• 5+ years of technical program management experience

Amazon’s Global Internal Audit organization is seeking an experienced information security professional to join Internal Audit’s newly formed Security Audit Program.

In this role, you will serve as the Information Security Audit Program’s primary point of contact for AWS. You will lead audit’s security relationship across AWS and will work closely with their security, services, and product teams to understand its security posture, business, and key initiatives.
In this role you will need to provide out of the box, creative, and innovative ideas while leveraging your prior experience and skills in security engineering, operations, and DevSecOps in order provide targeted and strategic recommendations to our AWS security and product teams.
You will need to have a track record for influencing senior business leaders and security roadmaps, focusing on long-term objectives for the enterprise.

Key Responsibilities:

• Lead independent security audits and assessments of AWS Security’s programs, processes and tooling
• Support audits and assessments of AWS public facing services and supporting operations
• Collaborate and partner with IA technical auditors and Red Team during audits and assessments
• Document security related gaps and findings and work with business partners to develop strategic and enterprise level remediation plans
• Analyze historical security-related AWS internal audit findings, leverage existing security data sources to identify recurring security risk themes,
• Work with the Internal Audit teams to develop a prioritized roadmap of security-related projects
• Provide security guidance and insights during AWS audit planning meetings to identify relevant security risks and recommendations for all AWS-related audits.

In this role, you will use your excellent writing skills to succinctly communicate complicated technical issues in business terms that drive enterprise-wide action. You will help prepare reports and make presentations to AWS’s senior security and business leaders.

Up to 10% travel may be required, including international travel.

Preferred Qualifications

• Strong understanding of software development lifecycle and systems, data, and cloud architecture concepts.
• Proven history of designing architectural solutions and security designs
• AWS architecture and solutions design
• Proven history of integrating security into an agile or DevOps environment ·
• Proven history of analyzing data to identify meaningful observations and driving enterprise-wide solutions
• Track record of driving big/real improvements (either with own resources or through influencing others).
• Relevant certifications (AWS, SANS, CEH).
• Excellent written and verbal communication skills
• Exhibits excellent judgment and has relentlessly high standards
• Thinks strategically, but stays on top of tactical execution
• Has the innate ability to inspire passion in others

NOTE: We are open to considering candidates in the NJ/NY, San Francisco, and Austin areas to work out of our local corporate offices.

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.