Security Assurance Specialist

Amazon Web Services is a dynamic and rapidly growing business within Amazon.com. We provide a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers hundreds of thousands of businesses in 190 countries around the world. We provide organisations with building block web services that allow them to innovate faster and operate their software more cost-effectively. These services-in-the-cloud include on-demand compute capacity, storage, content delivery, querying of structured data, message queuing, and more. The AWS team is building and delivering the next generation of cloud computing that supports public AWS offerings like S3, EC2, and CloudFront. We are innovating new ways of building massively scalable distributed systems.

At Amazon Web Services (AWS), Security is our highest priority. At AWS' scale, we invent new ways to provide the highest level of assurance to our security conscious customers. AWS Security is looking for a Security Assurance Specialist who can prioritize well, communicate early and clearly, and has a solid understanding of security and compliance within a cloud environment.

The Security Assurance Specialist will be part of the team responsible for demonstrating the security controls of services offered by AWS. This position will be focused on the Security Assurance function, leading day-to-day security assurance activities, evaluating compliance, and providing evidence of how they meet the requirements of our most security conscious customers.

At AWS we are obsessed with earning and maintaining customer trust. This role facilitates our ability to build and maintain that trust through our internal Security Assurance processes and mechanisms. Ideal candidates will have the ability to learn and comprehend security control implementations and operational effectiveness, AWS services, and IT and cloud auditing processes. They will also be able to evaluate opportunities for improvement, and influence across organizations and teams.

1. Collaborate with internal teams and customers to establish baselines and agree on the security requirements and associated security controls.
2. Manage requests for evidence relating to key security controls, by working in collaboration with internal and external stakeholders.
3. Responsible for reviewing the security of proposed new AWS systems, networks, and software designs for potential system security risks, and resolving integration issues related to the implementation of new services within the existing cloud infrastructure.
4. Liaise between key stakeholders and AWS technical communities to articulate security control implementation.
5. Dive deep into the Amazon control environment to develop broad domain and technical understanding of our security activities and control implementations to enable these to be articulated to both customers and internal/external stakeholders.
6. Work across a wide variety of AWS teams to establish and maintain information security documentation.

About the team

Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon's culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

1. 2+ years of professional experience in performing technical assessments or audits within a cloud environment, including working knowledge of foundational security principles and industry best practices.
2. Demonstrated experience in security, audits, customer trust, control assessments, or risk assessments.
3. Proven analytical and quantitative skills, and an ability to use data and metrics to back up assumptions, develop detailed reporting and drive process improvements.

1. Solid foundation in service-oriented and web-service technologies.
2. Experience designing and implementing systems using AWS. Familiarity with Information Security or Audit frameworks. Experience in the delivery of projects and programs across multiple teams.
3. Strong verbal and written communications skills, as well as the ability to work effectively across internal and external organizations. Strong analytical and critical thinking skills with the ability to use data to back up assumptions, recommendations and drive actions.

Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.