APAC Security Audit Specialist, Global AWS Assurance, Security Assurance
DESCRIPTION
Do you have a passion for applying cutting edge technologies to automate traditionally manual processes? Do you have experience in finding innovative solutions to scale security controls across diverse teams and technologies? Do you have ideas about influencing the future of security assurance?
At Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for demonstrating the security controls of services offered by AWS. At our scale, we invent new ways to provide the highest level of assurance to our most security conscious customers. Our team works closely with customers across industries and their auditors and regulatory agencies to understand the security shift from on-premise to the cloud, security of the cloud and customer capabilities in the cloud. Our industry specialists ensure that AWS can meet customers audit, assurance and regulatory expectations. We are looking for an independent, passionate, and deeply experienced security audit specialist with expertise and experience in developing and implementing technology audit and assurance programs across Asia-Pacific. You will be responsible for defining and developing an audit and assurance program for our customers and countries in South Korea and across Asia-Pacific, along with hiring and managing the team that will work in specific markets.
At our scale, we are committed to inventing new ways to provide the highest level of assurance to our most security conscious customers. You have a strong foundation in audit principles, as well as a diverse technology, privacy and assurance background. You have led teams and delivered challenging and complex audit and assurance programs. We have a team culture that encourages ownership, diversity, inclusion, and innovation. We expect team members and management alike to take a high degree of ownership for their program, vision and execution. We expect this person to balance their unique perspective with those of the diverse perspectives of the team and its stakeholders. You will have an opportunity to work directly with most divisions across AWS as we build the tools and evidence needed to demonstrate assurance for our customers. Your technical and audit background will help bridge security, technology, and compliance, and facilitate the scale of the program.
This role is responsible for AWS' flagship audit, attestations and certifications in South Korea. It also requires the ability to develop long-term projects and define processes and methods to ensure seamless execution across multiple internal and external stakeholders, including customers, auditors and regulatory agencies across Asia-Pacific.
You are someone who can prioritize well, communicate early and clearly, and will be able to demonstrate track record of delivering both personally and through your team. You will be a positive influencer across diverse teams, be able to effectively rally support for your initiatives and be able to help independent industry specialists drive simple, scalable solutions to meet customer and regulator expectations. You will be able to show how you have used data to escalate and drive necessary change.
Key job responsibilities
This position will be responsible for the following activities:
* Dive deep into customers' audit and assurance expectations across all industry sectors in South Korea and Asia-Pacific geographies.
* Dive deep into the Amazon control environment to develop broad domain and technical understanding of our security activities and control implementations to articulate compliance implications to both customers and internal/external audit functions.
* Develop understanding of regulated industry compliance requirements and communicate how our control activities meet global regulatory obligations.
* Develop strategic direction for security audit and assurance activities in South Korea market
* Liaise with strategic customers, regulators and auditors, articulate control implementation, and describe considerations for applying security and compliance concepts to a cloud environment.
* Monitor, evaluate, and continuously improve the organization by being a trusted adviser, facilitator and creative problem solver. Implement continuous improvements to the security organization and the program management process. Share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
* Apply a sound knowledge of global information security regulation and policy to articulate customer and regulatory impact and drive alignment to AWS environment.
BASIC QUALIFICATIONS
* 8+ years of professional experience in technology and security audit and assurance activities and security implementations within regulated industries or a provider of services to regulated industries.
* Relevant experience working directly with customers' C-suite, boards of directors, regulators and executives on financial regulatory, technology, or related policy issues.
* Advanced degree in related area of study (Computer Science, Engineering, Cyber Security, IT Audit, Technology Risk Management, IT Security Management).
* Experience delivering programs such as RSEFT, K-ISMS, PCI DSS, SOC 1/2/3, ISO 27001/27017/27018/22301/20000, TIA-942, FedRAMP, HIPAA, IRAP, FISC, K-ISMS, MTCS, or C5 etc.
PREFERRED QUALIFICATIONS
* Strong verbal and written communications skills, as well as the ability to work effectively across internal and external organizations.
* Demonstrated ability to effectively and comfortably interact at senior and executive levels.
* Self-starter with proven track record of successfully working with a wide array of functional groups across an organization and cultures as well as working independently.
* Experience auditing cloud environments
* Strong analytical and critical thinking skills with the ability to use data to back up assumptions, recommendations and drive actions.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.