Job Type: Full Time
The AWS Global Professional Services Security, Risk, and Compliance team works with our largest enterprise customers to operationalize the shared responsibility model as they migrate to the cloud. Are you a Governance, Risk, and Compliance leader who can address the challenges of migrating systems and workloads to the cloud? Are you skilled at helping executives address their enterprise risk management requirements using highly scalable computing architectures?
AWS offers a cloud platform with a global reach and we are looking for a passionate and experienced professional to help the expansion of the Security Assurance and Advisory practice. This role will help enable our customers in moving their workloads and regulated data into the cloud by addressing specific risk, regulatory, and compliance requirements.
The ideal candidate should be an innovative security/compliance professional who has the ability to handle a wide range of compliance requirements, is willing to dive into the details, can translate those requirements into scalable solutions, and is able to communicate at all levels within an organization.
- Expertise – Lead teams that include Amazonians, partners, and customers to enhance security assurance and compliance programs
- Solutions – Define and deliver innovative compliance and risk management approaches to customers that help the customer understand how to move sensitive workloads onto the cloud faster.
- Delivery – Engagements will require working to resolve security assurance questions and to understand how to manage risk and achieve compliance while operating in the AWS Cloud through deep dive discussions, strategic presentations/recommendations, and hands-on demonstrations of automating compliance in the AWS environment.
- Insights – Work with AWS engineering, support and business teams to convey partner and customer feedback as input to AWS technology roadmaps.
- 10+ years of experience in IT security, compliance and risk management, data privacy, or security controls.
- Experience advising customers on architectures meeting industry standards such as PCI DSS, ISO 27001, HIPAA, GDPR, and NIST/DoD frameworks
- Experience with enterprise risk management methods and techniques to drive successful outcomes in a global enterprise environment
- Bachelor's Degree in Computer Science, Information Systems Management, Information Security or equivalent experience required
- Ability to travel to customer sites as needed
- Experience in performing security assessments and information system audits of network, operating systems, application security, as well as auditing IT processes
- Clear understanding of Agile, CI/CD, and DevOps approaches and how they impact risk management and compliance
- Demonstrated ability to think strategically about business, product, and technical challenges
- Experience building enterprise governance, risk, and compliance programs or driving the program's evolution to meet new requirements
- Proven background in clearly writing complex technical documents that can be presented across a varied enterprise corporate audience