Skip to main content

AWS Security Controls Professional, AWS Security Assurance

Job ID: 2810662 | Amazon Web Services, Inc.

DESCRIPTION

At Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for demonstrating the security controls of services offered by AWS. At AWS' scale, we invent new ways to provide the highest level of assurance to our most security conscious customers.

We are looking for a independent and motivated IT audit specialist with security controls experience to join our team. As part of the team, you will be responsible for maintaining our internal AWS security controls product to serve our external audit function. You will understand AWS’s internal controls that strategically address our customers’ goals and objectives, and work with builders to document security controls that fulfills AWS compliance requirements. Additionally, you will be responsible for helping maintain the product’s lifecycle: from control validation to review cycles, to bar-raising our internal controls.

The successful candidate is one who can dive deep into AWS’s security architecture and understand how the different components work together to build comprehensive security and compliance strategies. We have a team culture that encourages ownership, diversity, inclusion, and innovation. Our team members and management alike take a high degree of ownership for their program vision, execute their own ideas, and hold themselves and team members to a high bar. Our team members balance their unique perspective with those of the diverse perspectives of the team and its stakeholders. You will work directly with divisions within AWS service to improve AWS’ ability to demonstrate assurances for our internal and external customers.

In this role, you will document, refine, and improve our current control workpapers, and helps us engineer and design tech-backed solutions to provide a good customer experience with the security controls product. We seek an industry professional who can understand core compliance frameworks, dive deep into IT processes, document our best practices, and drive innovative process changes through multiple organizations and teams.

This position can work out of our AWS office in Arlington or Herndon, VA; Seattle, WA.


Key job responsibilities
This position will be responsible for the following activities:
• Review security controls and write new security controls
• Communicate our security controls to internal stakeholders and customers
• Communicate to key stakeholders the operational processes around AWS security practices and how controls are implemented across the environment.
• Communicate to leadership key risks and areas of program improvement, as well as seek diverse opinions and coordinate improvement efforts.
• Dive deep into the AWS control environment to develop broad domain and technical understanding of AWS control activities and implementation to articulate compliance to key stakeholders.
• Be able to deliver independently, but seek guidance from managers and mentors.

BASIC QUALIFICATIONS

· Bachelor’s Degree in Computer Science, Information Systems Management, Mathematics, Accounting/Auditing, or other related fields
· 3+ years of experience in security, audits, customer trust, control assessments, and/or security controls.
· 3+ years of experience assessing complex technical processes

PREFERRED QUALIFICATIONS

· Experience with monitoring and automating security controls.
· Experience in third-party, Government, and/or internal audit examinations.
· Demonstrates high judgement and risk decision making abilities.
· Experience with understanding, implementing, and/or writing IT security policies
· Have experience in performing technical assessments and documentation of network, operating systems, application security, as well as auditing IT processes, including working knowledge of key controls across a number of industry best practices
· Meets/exceeds Amazon’s leadership principles requirements for this role.
· Meets/exceeds Amazon’s functional/technical depth and complexity for this role.


Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $91,800/year in our lowest geographic market up to $196,300/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.