Find your next role

DESCRIPTION

Amazon Security is seeking a Senior Security Risk Specialist with a strong delivery record and proven risk management experience to join our Security, Risk, & Compliance (SRC) Risk team. Our team empowers stakeholders to grow securely by enabling leaders to understand and manage their risks and the impact of their decisions. We go beyond traditional methods of risk management, providing teams with insightful data and novel tools to make informed decisions that unlock opportunities and drive innovation.

This role will support security excellence initiatives within SRC, analyzing operations, identifying opportunities, assessing risk, and managing the execution of projects.

The successful candidate will be a hands-on security expert who thrives in the face of ambiguity, and has a proven track record of delivering high-impact goals. In this role, they will establish and lead ongoing projects focused on security risk management.

The ideal candidate is technically experienced and innovative security, risk, and compliance who has the ability to understand systems, security, and privacy processes, communicate to customers, and to be able to drive innovative process changes through multiple organizations and teams. You have experience with NIST Risk Management Framework (NIST 800-30).

If you enjoy working at scale in a rapidly changing environment and influencing the protection of customers’ data within a large global organization, this position will provide you with a challenging opportunity.

Key job responsibilities
- Analyze business, product and security data, uncover evolving threats, identify weaknesses and opportunities in risk defense

- Apply a working knowledge of information security and privacy regulation to articulate customer and control impact and drive alignment to controls.

- Quantify risk control effects and trends, collaborate with engineering, operational and product teams, contribute to risk measurement, mitigation and prevention.

- Establish regular reporting mechanisms for measuring compliance and performance;
- Develops metrics that demonstrate the current risk state, indicators of progress, and business alignment

- Support Continuous Monitoring initiatives to drive enforcement, oversight and improvement of security controls implementation through automation

- Partner with tech and security teams and to review and challenge identified risks, remediation plans, progress and status, and drive action as needed

- Monitor and oversee performance against Key Risk Indicators, including “Path to Green” plans

- Drive the successful achievement of business goals, including timely identification, escalation and remediation of risks and issues that impact program execution and delivery.

About the team
The Security, Risk, & Compliance (SRC) Risk team is a group of highly-skilled technical and non-technical program managers and specialists who work at the intersection of Amazon’s most critical security operations. Our team partners with incident response and vulnerability management to provide actionable insights, drive risk mitigation, and ensure the secure growth of Amazon’s business. Given this strategic positioning, no two days are exactly the same, but our mission of empowering leaders to understand and manage risk, while supporting the continuous operational development of these high-impact teams, remains constant. Through our work, we ensure that Amazon’s data and operations are safeguarded against evolving threats, enabling the company to grow securely.