Senior Compliance Specialist - FedRAMP, AWS Compliance & Security Assurance

Amazon•Arlington, VA

About The Position

At Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for diving deep into industry requirements, establishing and maintaining regulatory and authority relationships for security requirements and establish long-term strategies to meet customer and regulatory security assurance needs and requirements. At AWS' scale, we hire experienced builders to design and operate scalable mechanisms to provide the highest level of assurance to our most regulatory conscious customers. We are looking for a highly motivated senior industry expert to join our Government Compliance and Authorization Team. As part of the team, you will own and lead a strategic element of our US Government Compliance Program (e.g. FedRAMP, 20x and DoD). Our team solves complex compliance challenges, dives deep into compliance requirements for both AWS and our customers, improves processes, and drives greater efficiencies in meeting expectations. This role facilitates our ability to grow and scale our internal compliance processes and mechanisms to meet the compliance and regulatory expectations in the US Public Sector Market. You should be an experienced and industry professional who has the ability to understand IT and compliance processes, evaluate opportunities for improvement, and to be able to drive innovative campaigns across organizations and teams.

Requirements

Bachelor's degree or equivalent in Information Security, Computer Science, Risk Management, Engineering, Math, Statistics, or a related discipline, or equivalent technology experience
5+ years of program management, project management or product management experience
5+ years of security, compliance and risk management experience, or degree in advanced technology
3+ years of FedRAMP or NIST compliance program experience

Nice To Haves

Experience in written and verbal communication skills to communicate with technical and non-technical audiences, including senior leadership
Understanding and experience implementing/overseeing Government compliance requirements/programs such as FedRAMP, DoD CSP-SRG, CMMC
Experience working with US Government Compliance Frameworks/Programs including: FedRAMP, DoD SRG, NIST, ISO, FISMA, RMF, OSCAL
Experience performing FedRAMP advisory projects

Responsibilities

Evaluating the effectiveness and efficiency of compliance program activities and recommend improvements to improve delivery at scale.
Leading and managing projects and campaigns with excellent project management skills.
Creating operational mechanisms to address recurring escalation patterns and persistent challenges
Simplifying and decomposing security compliance requirements into clear technical specifications and policies
Setting the vision and connecting the vision between technology, business strategies and requirements
Communicating to senior leadership the status and key deliverables of team initiatives, seek diverse opinions and lead improvement efforts. Leading Escalations
Influencing incoming and present regulations, legislation, mandates and standards for the betterment of AWS and our customers and reduce the impact to our internal and external stakeholders
Fielding and addressing requests for team support in collaboration with internal and external stakeholders.
Diving deep into the operations of AWS compliance programs to develop broad domain and technical understanding of regulatory and customer expectations to drive process improvement initiatives.
Bridging communication with both technical engineering and business teams to successfully capture and implement business requirements.
Transforming raw thoughts into clear technical documentation and/or direction.
Operating a quality rhythm of the business for managing compliance expectations.
Using high judgment to distill diverse inputs from large customer segments and stakeholders to set a vision and design the right long-term solutions.
Leading a large, challenging initiative.