AWS Security Assurance Services, Practice Manager, AWS Security Assurance Services

The AWS Security Assurance Services team works with our largest enterprise customers to operationalize the shared responsibility model as they migrate to the cloud. Are you a Security, Governance, Risk, and Compliance leader who can build a team that addresses the challenges of migrating systems and workloads to the cloud? Are you skilled at helping executives address their enterprise risk management requirements using highly scalable computing architectures?

The AWS Security Assurance Service team, within GSS, is seeking a talented Practice Manager to help the expansion of the Security Assurance practice and educate our customers on how our product‑led, people‑powered services help operate their business securely on AWS while also demonstrating assurance that compliance objectives can be achieved. This is an exciting opportunity to contribute at the intersection of cloud, cyber security, and compliance. You will have the opportunity to work with multiple lines of business and learn from (and contribute to) a variety of security and compliance use cases.

• Develop a high performing team of consultants who help enable customers to move workloads and regulated data into the cloud by addressing specific risk, regulatory, and compliance requirements.
• Support the Business Development team with positioning the value and applicability of your team into customer projects and long‑term relationships.
• Establish team and project strategy, drive consensus across the team, and achieve a shared vision.
• Build technical teams that deliver on innovative governance, risk, compliance and security objectives.
• Define security, compliance and risk management approaches to customers to help them understand how to move sensitive workloads onto the cloud faster.
• Resolve security assurance questions and understand how to manage risk and achieve security and compliance objectives while operating in the AWS Cloud through deep dive discussions, strategic presentations/recommendations, and hands‑on demonstrations of automating compliance in the AWS environment.
• Lead efforts with AWS engineering, support and business teams to convey partner and customer feedback as input to AWS technology roadmaps.
• Build long‑lasting relationships with strategic stakeholders, supporting the Business Development and Customer Success efforts of AWS Security Assurance Services.
• Travel to customer sites as needed.

• 5+ years of experience leading teams within IT security, compliance, risk management, data privacy, or security controls.
• 3+ years of experience advising customers on architectures meeting NIST‑based industry standards such as NIST 800‑53, FedRAMP, NIST 800‑171, and CMMC.
• 3+ years of experience with enterprise risk management methods.
• 3+ years of experience assessing the security posture and producing evidence of control effectiveness in cloud environments.
• Bachelor's degree in computer science, Information Systems Management, Information Security or equivalent experience required.
• Experience conducting security assessments and information system audits of network, operating systems, application security, and IT processes.
• Experience with Agile, CI/CD, DevOps approaches and how they impact risk management and compliance.
• Audit certification such as Certified Information System Auditor (CISA) or CMMC certification such as CMMC CCP.
• Demonstrated ability to think strategically about business, product, and technical challenges.
• Use of attack and threat modeling techniques to inform enterprise risk.
• Master's degree in computer science, Information Systems Management, Information Security or equivalent experience.

Diverse Experiences: AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.

Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.

AWS values curiosity and connection. Our employee‑led and company‑sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.

We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge‑sharing, mentorship and other career‑advancing resources here to help you develop into a better‑rounded professional.

We value work‑life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.

Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.

The Global Services, Security (GSS) team, a part of Amazon Web Services, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world's workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar‑raising security outcomes and investment in security mechanisms and automation on behalf of our customers.