Security and Privacy Risk Management Specialist, Kuiper Security

1 day ago Be among the first 25 applicants

Lensa partners with DirectEmployers to promote this job for Amazon.

Description

Project Kuiper is an Amazon initiative to increase global broadband access through a constellation of over 3,000 Low Earth Orbit (LEO) satellites. Its mission is to bring fast, affordable broadband to unserved and underserved communities worldwide. At Project Kuiper, we are obsessed with customer trust and are seeking an individual contributor who is creative, and passionate about delivering Governance, Risk and Compliance solutions to meet Kuiper's regulatory and external assurance needs. In this role, you will work collaboratively with various business and security teams across Amazon to identify compliance needs, assess the maturity of processes and controls, design, build, and execute high-impact security or compliance programs and liaise with external auditors to ensure successful audit executions.

This role is open for Sunnyvale, CA, and Redmond, WA locations.

The Security Compliance Specialist in Project Kuiper's Security team will drive regulatory and certification compliance requirements for our world-class cyber and information security throughout Kuiper's technology, systems, and infrastructure. This role is at the forefront of delivering highly secure space and terrestrial broadband telecommunication services for consumer, enterprise, telecom, transportation and government customers around the world.

The ideal candidate is technically experienced and innovative security, risk, compliance, and audit professional who has the ability to understand systems, security, and privacy processes, communicate to customers, and to be able to drive innovative process changes through multiple organizations and teams. You have implemented NIST control frameworks, reviewed control activities, evidence collection, and liaised with auditors.

Export Control Requirement

Due to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.

Key job responsibilities

• Play a leadership role in Kuiper Security and work closely with the Kuiper business and product community, setting direction for security of key assets, data, and business processes; serving as a subject matter expert resource for security engineers, security champions, and business leaders inside and outside of our organization
• Proactively assess, identify and develop recommendations regarding data protection, insider threat, data sharing, identity and access management, and third party risk issues and vulnerabilities by working with multiple stakeholder teams, including Privacy, Legal, HR, IT, etc
• Lead and execute internal security and data usage assessments, investigations and security audits, while also supporting enterprise wide information security and cyber risk assessments with technical and non-technical teams
• Contribute to the development of business risk, insider threat, and third party risk management strategic control requirements and roadmaps
• Contribute to new, and provide feedback on existing security standards and control requirements, GRC policy exceptions and risk issue management process
• Develop and maintain relevant security risk metrics to promote transparency across the organization; measures, monitors and reports on information security risks to management
• Provide guidance on risk, compliance, and policy to technical and non-technical internal customers, including security training and outreach to internal teams and external supply chain partners
• Apply your security and business knowledge to drive secure and pragmatic improvements broadly to Kuiper people, process, and assets, while making technical trade-offs between short versus long term security and business goals
• Strong organizational and communication skills, with a demonstrated ability to work in a multi-tasking dynamic environment while maintaining a high level of ownership and accountability is a must
  
  

About The Team

Why Amazon Security?

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Basic Qualifications

• BS in Cybersecurity, Computer Science, or other relevant degree
• Experience in cyber and information security functions, especially in areas including Governance, Risk and Controls (GRC), Privacy, insider threat, business information security, identity and access management, third party risk, incident response, threat modeling
• Experience in an information security leadership role
• Knowledge in navigating risk mitigation and risk issue management, policy and standards, security frameworks (e.g. NIST, ISO, etc.), managing a GRC function, and business information security / risk officer function
• Experience in web and mobile application security, and cloud technologies threats and risks
• Experience in written and verbal communication
• Experience in mentoring a non-tech community on complex technical issues or ambiguous technical challenges
  
  

Preferred Qualifications

• MS in Cybersecurity, Computer Science, or other relevant degree
• Ability to identify security issues and risks, and develop mitigation plans or solutions
• Knowledge of web and mobile application security, and cloud technologies, common vulnerabilities, attacks, and mitigation methods
• Demonstrated experience using communication skills to advocate security for both technical and non-technical audiences
• Experience in driving large scale, cross-organization initiatives
• Sharp analytical abilities and proven innovation skills to unblock adoption of security mechanisms
• Relevant industry certifications (e.g., CISSP, SANS/GIAC, CISA, OSCP/OSWA/OSWE, AWS)
  
  

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $91,800/year in our lowest geographic market up to $196,300/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits . This position will remain posted until filled. Applicants should apply via our internal or external career site.

If you have questions about this posting, please contact support@lensa.com

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Other, Information Technology, and Management
• Industries
  IT Services and IT Consulting

Referrals increase your chances of interviewing at Lensa by 2x

Mountain View, CA $21.26-$25.10 2 weeks ago

Newark, CA $75,000.00-$95,000.00 4 days ago

San Jose, CA $75,000.00-$95,000.00 4 days ago

Palo Alto, CA $90,000.00-$100,000.00 3 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.