Skip to main content

APAC IT Security Audit Lead, Global AWS Assurance, Security Assurance

Job ID: 2859507 | Amazon Web Services Korea LLC - D54

DESCRIPTION

Do you have a passion for applying cutting edge technologies to automate traditionally manual processes? Do you have experience in finding innovative solutions to scale security controls across diverse teams and technologies? Do you have ideas about influencing the future of security assurance?

At Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for demonstrating the security controls of services offered by AWS. At our scale, we invent new ways to provide the highest level of assurance to our most security conscious customers. Our team works closely with customers across industries and their auditors and regulatory agencies to understand the security shift from on-premise to the cloud, security of the cloud and customer capabilities in the cloud. Our industry specialists ensure that AWS can meet customers audit, assurance and regulatory expectations. We are looking for an independent, passionate, and deeply experienced security audit specialist with expertise and experience in developing and implementing technology audit and assurance programs across Asia-Pacific. You will be responsible for defining and developing an audit and assurance program for our customers and countries across Asia-Pacific, along with hiring and managing the team that will work in specific markets.

At our scale, we are committed to inventing new ways to provide the highest level of assurance to our most security conscious customers. You have a strong foundation in audit principles, as well as a diverse technology, privacy and assurance background. You have led teams and delivered challenging and complex audit and assurance programs. We have a team culture that encourages ownership, diversity, inclusion, and innovation. We expect team members and management alike to take a high degree of ownership for their program, vision and execution. We expect this person to balance their unique perspective with those of the diverse perspectives of the team and its stakeholders. You will have an opportunity to work directly with most divisions across AWS as we build the tools and evidence needed to demonstrate assurance for our customers.
 Your technical and audit background will help bridge security, technology, and compliance, and facilitate the scale of the program.

This role, will be the single threaded owner of AWS' flagship audit, attestations and certifications across Asia-Pacific, requires the ability to develop long-term projects and define processes and methods to ensure seamless execution across multiple internal and external stakeholders, including customers, auditors and regulatory agencies across Asia-Pacific.

You are someone who can prioritize well, communicate early and clearly, and will be able to demonstrate track record of delivering both personally and through your team. You will be a positive influencer across diverse teams, be able to effectively rally support for your initiatives and be able to help independent industry specialists drive simple, scalable solutions to meet customer and regulator expectations. You will be able to show how you have used data to escalate and drive necessary change.

This position will be responsible for the following activities:

Dive deep into customers' audit and assurance expectations across all industry sectors and Asia-Pacific geographies.

Dive deep into the Amazon control environment to develop broad domain and technical understanding of our security activities and control implementations to articulate compliance implications to both customers and internal/external audit functions.

Develop understanding of regulated industry compliance requirements and communicate how our control activities meet global regulatory obligations.

Develop strategic direction for security audit and assurance activities across all Asia-Pacific markets.

Liaise with strategic customers, regulators and auditors, articulate control implementation, and describe considerations for applying security and compliance concepts to a cloud environment.

Monitor, evaluate, and continuously improve the organization by being a trusted adviser, facilitator and creative problem solver. Implement continuous improvements to the security organization and the program management process. Share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.

Apply a sound knowledge of global information security regulation and policy to articulate customer and regulatory impact and drive alignment to AWS environment.

About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Mentorship and Career growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

BASIC QUALIFICATIONS

8+ years of professional experience in technology and security audit and assurance activities and security implementations within regulated industries or a provider of services to regulated industries.

8+ years of experience building and managing teams of technical, audit, assurance and regulatory specialists, with remote management experience.

Relevant experience working directly with customers' C-suite, boards of directors, regulators and executives on financial regulatory, technology, or related policy issues.

Advanced degree in related area of study (Computer Science, Engineering, Cyber Security, IT Security Management).

Experience delivering programs such as SOC, ISO20000, TIA942, ISO27001 etc

PREFERRED QUALIFICATIONS

Highly effective oral, written and interpersonal communication skills;

Demonstrated ability to effectively and comfortably interact at senior and executive levels.

Experience and proficiency in public speaking

Self-starter with proven track record of successfully working with a wide array of functional groups across an organization and cultures as well as working independently.

Strong analytical and critical thinking skills with the ability to use data to back up assumptions, recommendations and drive actions.

For the right candidate, this role can be based at any of these locations - Delhi, Bangalore, Mumbai or Hyderabad.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.