Security Industry Specialist, AWS Compliance & Security Assurance

About The Position

Requirements

• Experience in security or compliance consulting or advisory work in support of a highly technical environment
• Experience performing technical audits/assessments in direct support of a major compliance effort (e.g., ISO, NIST, SOX, PCI, HIPAA, GDPR and other regulatory/industry certifications)
• Bachelor's degree or above in accounting, information systems, finance, or equivalent

Nice To Haves

• Experience with audit or risk program design, control environment process documentation, and control mapping
• Experience understanding product and technical requirements and interfacing with Product/Technology teams
• Experience defining roadmap strategy and prioritizing deliverables for your team products
• Experience designing and implementing controls or experience performing audits over financial reporting environment

Responsibilities

• Develop a deep understanding of the operational services, processes, and controls in place that support AWS's security posture.
• Understand our Risk and Control Library and how it relates to our assessment processes.
• Perform service, feature, and other related assessment work for customer and audit requirements.
• Work with service, infrastructure and administrative teams to develop and deliver tooling that improves AWS's security posture.
• Identify process improvement opportunities and high risk areas.
• Work with service owners to develop innovative solutions to complex technical challenges.
• Manage the build and deployment of new tooling to streamline and automate security-related initiatives.
• Support process improvement and security-related projects in coordination with service teams.
• Manage communications to service teams and stakeholders.
• Dive deep into the AWS control environment to develop technical understanding of control implementation, and articulate compliance implications to internal and external audit functions.
• Set strategic direction, improve documentation, track progress, coordinate improvement efforts, and monitor process improvement effectiveness.
• Develop broad domain and technical knowledge in AWS security solutions including the operational processes and controls in place that support AWS compliance programs.
• Monitor, evaluate, and continuously improve the organization by being a trusted advisor, facilitator and creative problem solver.
• Develop and share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
• Liaise with auditors, articulate control implementation and impact, and establish considerations for applying security, privacy and compliance concepts to a technical cloud environment.
• Effectively communicate compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.

Benefits

• health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
• 401(k) matching
• paid time off
• parental leave