דרושים Security Controller Governance Risk & Assurance ב-אמזון ב-United Kingdom, London

Key job responsibilities
In addition to a strong understanding of security technologies, tool development, offensive and defensive security tactics, and ideally some experience with distributed systems, you’ll need a number of other qualities to be successful in this role. The team has a mix of experience levels, and we’re building an environment that celebrates knowledge sharing and mentorship. Our senior engineers, data scientists, and managers truly enjoy mentoring junior engineers, data scientists, and engineers from non-traditional backgrounds through one-on-one mentoring and thorough, but kind, code reviews.You will need to be a UK national and able to obtain and maintain a UK Government Security Clearance. Further details found here: https://www.gov.uk/government/publications/united-kingdom-security-vetting-clearance-levelsAbout the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- Extensive experience performing security investigations, penetration testing, and/or incident response in the context of large organisations
- In-depth understanding of security threats, hands-on experience detecting and defending from cyber attacks, and experience using big data analytics and orchestration to address security challenges. Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review
- Demonstrated technical leadership in security (e.g., tech lead, developed security architecture for a product or system, led technical component of security project, etc.) Experience leading and coaching junior security engineers to improve their skills and effectiveness

The Amazon Web Services Professional Services (ProServe) team is seeking a skilled Delivery Consultant to join our team at Amazon Web Services (AWS). In this role, you'll work closely with customers to design, implement, and manage AWS solutions that meet their technical requirements and business objectives. You'll be a key player in driving customer success through their cloud journey, providing technical expertise and best practices throughout the project lifecycle.
Possessing a deep understanding of AWS products and services, as a Delivery Consultant you will be proficient in architecting complex, scalable, and secure solutions tailored to meet the specific needs of each customer. You’ll work closely with stakeholders to gather requirements, assess current infrastructure, and propose effective migration strategies to AWS. As trusted advisors to our customers, providing guidance on industry trends, emerging technologies, and innovative solutions, you will be responsible for leading the implementation process, ensuring adherence to best practices, optimizing performance, and managing risks throughout the project.
Key job responsibilities
As an experienced technology professional, you will be responsible for:- Providing technical guidance and troubleshooting support throughout project deliveryAbout the team
Diverse Experiences: AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job below, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Mentorship & Career Growth - We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

- Experience in cloud based solution (AWS or equivalent), system, network and operating system
- 5+ years of hands-on security experience in two or more of the following: Cloud Security, Application Security (security SDLC, threat modeling, code review), Identity & Access Management, Network Security, Data Protection, Incident Response. Hands-on experience implementing enterprise security solutions (Data Loss Prevention, WAF, SIEM, etc.)

- Relevant security certifications (AWS Security Specialty, CISSP, CCSP, etc.) are a plus.
- Experience with complex, cloud transformation projects
- Strategic thinking and decision-making capabilities in ambiguous environments

Why This Role Matters
In the GenAI Innovation Center, we're tackling the most exciting and complex challenges in technology today. Our security leaders aren't just implementing solutions – they're inventing new approaches to security that will define industry standards for years to come.You'll be:
- Pioneering new security architectures for GenAI applications that will be studied and emulated across the industry- Creating the frameworks and best practices that will shape how enterprises implement secure GenAI solutions
- Leading the charge in developing novel security applications powered by GenAI itselfThe Innovation Opportunity
This role sits at the absolute tip of the spear of AWS innovation. You'll have the unique opportunity to:
- Drive industry-first solutions that bridge the gap between new and novel AI and enterprise security requirements
- Build a legacy as one of the pioneers who helped define secure GenAI implementation
Key job responsibilities
Security for GenAI
- Lead security architecture and implementation for enterprise GenAI deployments across EMEA
- Design and implement security controls specific to GenAI applications
- Develop security frameworks and governance models that enable rapid, secure GenAI adoption- Create reusable security accelerators and assets for AWS GenAI servicesGenAI for Security Innovation
- Design and implement innovative GenAI solutions for security use cases
- Create proof-of-concepts demonstrating novel applications of GenAI in security operations
- Develop new methodologies and tools for using GenAI to enhance security capabilities- Build security-focused applications leveraging AWS's GenAI services
Success in this role requires balancing deep technical expertise with strategic thinking while maintaining a relentless focus on customer trust and security excellence.A day in the life
About the team
Diverse Experiences
Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why AWS
Work/Life BalanceMentorship and Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.AWS Global Services

Key job responsibilities
Responsibilities
- Coordinate the activities of a professional contract guard force
- Interface with and assist in mobilizing vendors involved in system repairs and new security construction
- Oversee individual security vendor deliverables, track service delivery and request corrective actions from vendors as needed
- Foster working relationships to educate data center stakeholders on false alarm reductions
- Extract metrics and observe improvements by looking at and analyzing data
- Verify Data Center security programs are delivered to meet defined global security standards
- Develop strategies for improving electronic surveillance and access controls
- Draft reports and prepare presentations on the status of physical security operations
About the team
You’ll join a diverse team of software, hardware, and network engineers, supply chain specialists, security experts, operations managers, and other vital roles. You’ll collaborate with people across AWS to help us deliver the highest standards for safety and security while providing seemingly infinite capacity at the lowest possible cost for our customers. And you’ll experience an inclusive culture that welcomes bold ideas and empowers you to own them to completion.
Mentorship & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- 1. Graduate in criminology, physical security or related field.
- 2. Experience in physical security, logistics or operational roles.

- Experience with the design, construction, operation, or maintenance of mission critical facilities, especially data centers
- Experience with physical security control and surveillance systems.

Key job responsibilities
Expertise - Lead technical teams to help partners and customers understand the opportunities for cloud technology to handle security and compliance requirements in key market verticals and regulated industries, such as financial services, healthcare, life sciences, and energy.
Solutions – Support in scoping of and lead on-site engagements with partners and customers. This includes leading pre-sales on-site visits, understanding customer security and compliance requirements, and delivering packaged offerings or custom solution engagements.
About the team
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Mentorship & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- 8+ years of experience in an internal or external IT security audit or compliance assessment role.
- Candidate must possess at least one of the following security certifications CISSP, CISM, PCI-QSA certifications, or Certified ISO27001 Lead Implementer
- 8+ years of experience assessing/auditing customers on meeting PCI DSS, ISO 27001, HIPAA, HITRUST, FedRAMP, GDPR, FISMA or NIST/DoD standards.
- Bachelor’s degree in Computer Science, Information Systems Management, Information Security, Business or equivalent experience.

- Experience building common compliance framework controls as well as mapping between different compliance requirements
- Experience automating assessments in enterprise or cloud environments
- Experience assessing security controls for enterprise applications.
- Demonstrated breadth of security expertise in various sub domains such as encryption, identity, incident response, etc.
- Hands-on technical expertise in technology automation, implementation, integration, and/or deployment
- Demonstrated ability to think strategically about business, product, and technical challenges
- Experience with risk assessment methodologies and risk reporting for executive leadership
- Proven background in clearly writing complex technical documents that can be presented across a varied enterprise corporate audience

Key job responsibilities
- Contribute to the development of automation of repetitive tasks.
- Actively participate in updating documentation and sharing knowledge across your global peers.
- Participate in an on-call rotation to support continuous monitoring and remediation of vulnerabilities.
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceMentorship & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

- Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree or equivalent; or 3+ years equivalent technology experience
- Strong understanding of security concepts with a security mindset.
- Strong understanding of computer and network weaknesses and mitigating controls.
- Strong ability to understand risk and prioritisation in the context of the business.
- Ability to communicate effectively within technical and business settings.
- Ability to document learnings and contribute to knowledge sharing and runbook building.
- Experience with secure-cloud configuration, (CloudTrail, AWS Config), cloud-security technologies (VPC, Security Groups, WAF etc.), and cloud-permission systems (IAM).
- Experience with identity and access concepts, with technologies to secure production and corporate access, (SSO, SAML) and with Federated Identity, RBAC, authentication and authorisation solution, encryption, SSL, and related.

- 2+ years of experience in fields such a Security Operations, technology audit, or security vulnerability lifecycle.
- Ability to prioritise multiple tasks and projects.
- Have a passion to learn and thrive in a dynamic and constantly changing environment.
- Experience with virtualisation technologies, especially with AWS services.
- Relevant industry certifications such as CISSP, SANS, ISC2, CompTia, etc.
- Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
- Demonstrated knowledge of web protocols, common attacks, and working knowledge of Linux/Unix tools and architecture.
- Understanding of best practices across multiple security disciplines/domains.
- Demonstrated ability to work autonomously with a Bias for Action, critical and creative thinking.
- Demonstrated ability to collaborate, develop partnerships, and work effectively as a member of a global, inclusive team.

Key job responsibilities
Delivery – Working to resolve security assurance questions and to understand how to manage risk and achieve security and compliance objectives while operating in the AWS Cloud through deep dive discussions, strategic presentations/recommendations, and hands on demonstrations of automating compliance in the AWS environment.
About the team
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Mentorship & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- 5+ years’ experience in leading teams within IT security, compliance and risk management, data privacy, or security controls.
- 3+ years’ experience advising customers on architectures meeting NIST-based industry standards such as NIST 800-53, FedRAMP, NIST 800-171, and CMMC.
- 3+ years’ experience with enterprise risk management methods
- 3+ years’ experience assessing the security posture and producing evidence of control effectiveness in cloud environments
- Bachelor’s degree in computer science, Information Systems Management, Information Security or equivalent experience required.