Privacy Engineer, Incident Response, Devices & Services Trust, Privacy, and Accessibility (TPA)

Amazon•Bellevue, WA

1d•Onsite

About The Position

The Devices and Services Trust and Privacy (DSTP) team is looking for a passionate Security and Privacy Incident Response Engineer who can lead the response to privacy and data protection issues across Devices & Services. This role requires thriving in dynamic/ambiguous situations, thinking like both an attacker and defender, and working through the entire incident response lifecycle. The engineer will work in a global team environment where clear and accurate communication and collaboration on privacy and data protection issues is critical. The role involves applying creative and critical problem-solving skills to quickly contain incidents and then working with cross-functional teams to remediate the root cause. A passion for engineering solutions to complex privacy and data governance challenges, recognizing and filling gaps in capabilities, and a strong interest in privacy, information security, the evolving threat landscape, and privacy/security automation and tooling are essential.

Requirements

Bachelor's degree in computer science or equivalent
5+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+

Nice To Haves

Experience applying threat modeling or other risk identification techniques or equivalent
3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience

Responsibilities

Manage escalated privacy and trust risk events/cases from start to finish; write detailed case notes, reports, summaries, short and long-term recommendations, and trade-off analyses for all audiences, including senior leadership.
Interact with and influence other teams (e.g., service teams, engineering, product, legal); identify experts and stakeholders on other teams to support decisions on containing incidents or mitigating privacy and trust risks; build consensus and recommendations based on analysis of the nature of potential violations to Privacy Policies, Promises, or Legal/Regulatory requirements.
Own successful delivery of large, impactful, and highly cross-functional program initiatives while simultaneously tracking a set of smaller projects.
Demonstrate comfort with handling technical investigations and analysis, and provide actionable recommendations to senior leadership audience with minimal supervision.
Develop deep knowledge of global privacy and data governance obligations, processes, best practices, and solutions utilized by Amazon. Utilize this knowledge to provide recommendations and consultation to improve DSTP processes and tooling and reduce risk through control automation and enhancements.
Establish metrics and regular reporting/escalation mechanisms for measuring results, progress, and gaps in performance and compliance.
Communicate plans, status, and critical issues clearly and effectively.
Support deep dive assessments and ad-hoc data analysis requests.

Benefits

health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
401(k) matching
paid time off
parental leave
sign-on payments
restricted stock units (RSUs)

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume