Security Compliance Specialist, Specialized Businesses Security
Apply NowCompany: Amazon
Location: Seattle, WA 98115
Description:
Amazon's Specialized Businesses Security Compliance team is growing and looking for a highly motivated security compliance specialist to help us enhance and integrate our governance and compliance programs. You will help to determine the high security bar we hold for our products, analyze regulatory and certification requirements, and ensure we have sufficient enforcement mechanisms to keep our products and services safe for our customers. You should be a technically experienced and innovative security governance, risk, and compliance professional who has the ability to understand systems, security, and privacy processes, communicate to customers, and to be able to drive innovative process changes through multiple organizations and teams.
Key job responsibilities
* Understand and rationalize compliance requirements for service and device security.
* Provide business specific interpretations and support automation opportunities
* Review security controls that are technical in nature, such as access controls, data encryption in transit and at rest, and auditing and logging user activity
* Engage with the Business and SMEs to define and ensure compliance to information security policies
* Maintain control libraries and compliance requirements and guidance materials for various security standards and regulations
About the team
The Specialized Businesses Security Compliance Team supports Amazon's advertising, devices, and media businesses by defining the security bar for our products and services, ensuring regulatory compliance, and obtaining and maintaining industry certifications and standards. We work across products like Alexa, FireTV, Eero, and others, as well as services like Prime Video and Amazon's advertising platform to ensure the safety and security of our customers and their data.
BASIC QUALIFICATIONS
* 6+ years experience in security or compliance work in support of a highly technical environment
* 3+ years experience designing, implementing, and/or running technical GRC solutions
* Experience working with multiple security frameworks and regulations like ISO 27001/2, HIPAA, NIST 800-53, NIST CSF
* Experience writing technical documents and/or policies and standards
* Bachelor's degree in Information Security, Computer Science, Risk Management, Engineering, Information Systems, or related discipline, or 5+ years' equivalent technology experience
PREFERRED QUALIFICATIONS
* Experience working directly with security engineers, auditors, and development teams
* Solid technical background and familiarity with AWS core services (EC2, S3, DDB, RDS, KMS, etc.)
* Experience with hardware and software development processes, products launches and lifecycles of devices and/or services
* Consistent demonstration of utilizing automation to solve recurring problems at scale
* Demonstrated ability to work through ambiguity to detailed solutions
* Excellent written and verbal communication skills while engaging both technical and non-technical stakeholders
* Technical knowledge in multiple security domains such as engineering, applications, system and network security, identity and authentication security protocols
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company's reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $91,800/year in our lowest geographic market up to $196,300/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.
Key job responsibilities
* Understand and rationalize compliance requirements for service and device security.
* Provide business specific interpretations and support automation opportunities
* Review security controls that are technical in nature, such as access controls, data encryption in transit and at rest, and auditing and logging user activity
* Engage with the Business and SMEs to define and ensure compliance to information security policies
* Maintain control libraries and compliance requirements and guidance materials for various security standards and regulations
About the team
The Specialized Businesses Security Compliance Team supports Amazon's advertising, devices, and media businesses by defining the security bar for our products and services, ensuring regulatory compliance, and obtaining and maintaining industry certifications and standards. We work across products like Alexa, FireTV, Eero, and others, as well as services like Prime Video and Amazon's advertising platform to ensure the safety and security of our customers and their data.
BASIC QUALIFICATIONS
* 6+ years experience in security or compliance work in support of a highly technical environment
* 3+ years experience designing, implementing, and/or running technical GRC solutions
* Experience working with multiple security frameworks and regulations like ISO 27001/2, HIPAA, NIST 800-53, NIST CSF
* Experience writing technical documents and/or policies and standards
* Bachelor's degree in Information Security, Computer Science, Risk Management, Engineering, Information Systems, or related discipline, or 5+ years' equivalent technology experience
PREFERRED QUALIFICATIONS
* Experience working directly with security engineers, auditors, and development teams
* Solid technical background and familiarity with AWS core services (EC2, S3, DDB, RDS, KMS, etc.)
* Experience with hardware and software development processes, products launches and lifecycles of devices and/or services
* Consistent demonstration of utilizing automation to solve recurring problems at scale
* Demonstrated ability to work through ambiguity to detailed solutions
* Excellent written and verbal communication skills while engaging both technical and non-technical stakeholders
* Technical knowledge in multiple security domains such as engineering, applications, system and network security, identity and authentication security protocols
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company's reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $91,800/year in our lowest geographic market up to $196,300/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.