AWS Security Assurance Services, Practice Manager, AWS Security Assurance Services

The Global Services, Security (GSS) team, a part of Amazon Web Services, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world’s workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar raising security outcomes and investment in security mechanisms and automation on behalf of our customers.

The AWS Security Assurance Services team works with our largest enterprise customers to operationalize the shared responsibility model as they migrate to the cloud. Are you a Security, Governance, Risk, and Compliance leader who can build a team that addresses the challenges of migrating systems and workloads to the cloud? Are you skilled at helping executives address their enterprise risk management requirements using highly scalable computing architectures?

The AWS Security Assurance Service team, within GSS, is seeking a talented Practice Manager to help the expansion of the Security Assurance practice and educate our customers on how our product-led, people-powered services help operate their business securely on AWS while also demonstrating assurance that compliance objectives can be achieved. This is an exciting opportunity to contribute at the intersection of cloud, cyber security, and compliance. You will have the opportunity to work with multiple lines of business and learn from (and contribute to) a variety of security and compliance use cases.

This is a customer facing role where success is measured by developing a high performing team of consultants who help enable our customers in moving their workloads and regulated data into the cloud by addressing specific risk, regulatory, and compliance requirements. You will be expected to also support our Business Development team,

positioning the value and applicability of your team into customer projects and long-term relationships.

We are looking for an innovative security and compliance leader who enjoys establishing team and project strategy and then drives consensus across the team to achieve a vision.

Expertise – Builds technical teams that deliver on innovative governance, risk, compliance and security objectives

Solutions - Builds a technical team that can define security, compliance and risk management approaches to customers that help the customer understand how to move sensitive workloads onto the cloud faster.

Delivery – Working to resolve security assurance questions and to understand how to manage risk and achieve security and compliance objectives while operating in the AWS Cloud through deep dive discussions, strategic presentations / recommendations, and hands on demonstrations of automating compliance in the AWS environment.

Insights - Lead efforts with AWS engineering, support, and business teams to convey partner and customer feedback as input to AWS technology roadmaps.

Relationships – Build long-lasting relationships with strategic stakeholders, supporting the Business Development and Customer Success efforts of AWS Security Assurance Services.

AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.

AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

• 5+ years’ experience in leading teams within IT security, compliance and risk management, data privacy, or security controls.
• 3+ years’ experience advising customers on architectures meeting NIST-based industry standards such as NIST 800-53, FedRAMP, NIST 800-171, and CMMC.
• 3+ years’ experience with enterprise risk management methods
• 3+ years’ experience assessing the security posture and producing evidence of control effectiveness in cloud environments
• Bachelor’s degree in computer science, Information Systems Management, Information Security or equivalent experience required.

• Experience in performing security assessments and information system audits of network, operating systems, application security, as well as auditing IT processes.
• Experience with Agile, CI / CD, DevOps approach and how they impact risk management and compliance.
• Audit certification such as Certified Information System Auditor (CISA)CMMC certification such as CMMC CCP
• Demonstrated ability to think strategically about business, product, and technical challenges.
• Use of attack and threat modeling techniques to inform enterprise risk
• Master’s degree in computer science, Information Systems Management, Information Security or equivalent experience.