ADC Sec Compliance Specialist, US ADC Security Assessment and Authorization

Job ID: 2942558 | Amazon Web Services, Inc.

Amazon Web Services (AWS) is the leading cloud provider, providing virtual infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWS’s multi-tenant infrastructure. Governmental organizations are also looking to and depending on AWS for cloud solutions and services.

At Amazon Web Services (AWS), Security is our highest priority. At AWS' scale, we invent new ways to provide the highest level of assurance to our security conscious customers. The AWS US Amazon Dedicated Cloud (ADC) Security team is looking for a Security Compliance Specialist who is highly motivated and fosters organization across the security domain. This is a highly visibility team that solves security challenges for the benefit of mission customers. Additionally, you will be responsible for understanding AWS’ operational processes around security and be able to clearly articulate and communicate to various stakeholder audiences in a variety of forms.

You will join a cadre of program management, technical business development, and information security professionals to establish a proactive, results-driven team focused on improving our ability to deliver new capabilities to our customers. As a A&A Security Compliance Specialist on the A&A team, you will spend the majority of your time working with technical business leaders (such as hardware and software engineering leaders, and technical program managers) to develop and produce A&A related documentation to ensure efficient service onboarding.

The role requires working experience with the Risk Management Framework (RMF), System Security Plans (SSP), Security Control Traceability Matrices (SCTM), familiarity with the customer environment, and an understanding of existing AWS services. You will draw upon an information security background, critical thinking, and analytic problem solving skills to support A&A activities, recommend improvements as required, and effectively support the delivery of industry leading, secure services to our Federal customers.

This position requires that the candidate selected be a US Citizen and must currently possess and maintain an active TS/SCI security clearance with polygraph.

Key job responsibilities

1. Coordinate amongst government customers to produce and implement system security packages across cloud infrastructure platforms.
2. Work across a wide variety of AWS teams to establish and maintain information security documentation, including security questionnaires, SSPs, and SCTMs.
3. Responsible for reviewing proposed new systems, networks, and software designs for potential system security risks, and resolving integration issues related to the implementation of new services with the existing cloud infrastructure.
4. Implement higher level system security requirements such as those resulting from laws, regulations, or government directives by developing long range plans for security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with cloud infrastructures’ vulnerabilities or perceived vulnerabilities.

Our team is dedicated to supporting new team members. Our team has a broad mix of experience levels and Amazon tenures, and we’re building an environment that celebrates knowledge sharing and mentorship.

Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.

- 2+ years of Assessment and Authorization experience in a related industry (experience owning a program/product/feature, scoping requirements, planning milestones, project management and working with technical teams)
- 2+ years of familiarity with the processes and documentation required to articulate the appropriate system security products or services with stakeholder government customers to define a project scope, requirements, and deliverables.
- 1+ years experience architecting information systems for authorization under ICD 503 or DoD Risk Management Framework.
- Current, active US Government Security Clearance of TS/SCI with Polygraph

- DoD Manual 8570 IAM Level III certification
- Solid foundation in service-oriented and web-service technologies
- Experience designing and implementing systems using AWS
- Familiarity with Information Security or Audit frameworks

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.