המקום בו המומחים והחברות הטובות ביותר נפגשים
You will act as a key member of the team responsible for ensuring security is embedded early into Amazon dev-teams including performing security-compliance assessments, working with tech teams on practical and scalable remediation, raising security awareness, mentoring your peers, and enabling security by design. You will work independently and navigate through ambiguity when program strategy is not defined, and deliver results. You will also be able to earn trust to establish credibility and maintain strong working relationships with all peers and stakeholders (Security, Legal, Business Development, Internal Audit, Fraud, Physical Security, Developer Community, etc.).We operate in a hyper-growth environment where priorities shift quickly, so a passion and discipline around security and delivery is critical. You will tackle challenging situations every day and, given the size of this initiative, you will collaborate with various levels across Buy with Prime, Multi-Channel Fulfillment, AWS and other Amazon orgs.
Key job responsibilities
- INTERNAL SECURITY ASSESSMENTS: Lead thorough security assessments of internal services to identify vulnerabilities, risks, and compliance issues, become an expert in service architectures, threat models, implemented controls, and gaps in controls.
A day in the life
- Force multiplying the assessment of our services and features against a control framework- Mentoring peers and raising security awareness
- 8+ years of IT, risk & assurance and cybersecurity experience.
- 5+ years of working directly with engineering teams as a security-professional experience.
- 5+ years of experience in security-compliance consulting or advisory work in support of a highly technical and global environment
- Have a deep understanding of cybersecurity concepts, industry regulatory standards, and pragmatic enterprise best practices.
- Bachelor’s Degree in Computer Science, Technical Auditing, Information Systems Management, Cyber Security, or other related fields
- Basic understanding of cloud and enterprise security controls like identity and access management, encryption, audit logging and monitoring, backup and recovery, supply chain security, etc.
- Masters degree in Computer Science, Technical Auditing, Information Systems Management, Cyber Security, or other related fields.
- CISSP, CISA, CISM, AWS Solutions Architect Associate/Professional, AWS Security Specialty and/or other comparable security controls or audit certifications preferred.
- 3+ years of experience in performing and/or participating in technical audits/assessments
- Experience communicating assessment results and remediation strategy with senior leadership, and prioritizing and remediating findings with service/system owners
- Experience in IT program or project management and/or control framework development and implementation.
משרות נוספות שיכולות לעניין אותך