Manager, Amazon.com Governance, Risk and Compliance

Amazon.com Services, Inc. - Seattle, WA

Full-time
  • 15+ years of software engineering or information technology experience
  • 3+ years managing managers
  • Bachelor’s degree in Management Information Systems, Computer Science or related field, Master’s Degree preferred.
  • Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
  • Technical knowledge in at least one security domain such as engineering, system and network security, authentication or security protocols.
Interested in having company-wide impact by building security and regulatory governance capabilities at scale. Are you excited about building enterprise-scale systems & practices to transform security governance, risk and compliance practices at Amazon.com? We are looking for Manager to lead a cross-functional organization.

As a senior leader in the Amazon.com Information Security organization you will own the strategy and delivery of security governance, risk and compliance systems & practices for Amazon.com. You will be building/mentoring a cross-functional team of senior contributors/managers/teams reporting to you, your organization will be managing multiple company-wide compliance programs, and you will be working with leaders across Amazon to deliver business-impacting results while transforming the security governance and compliance landscape. As Amazon.com teams rapidly adopt AWS, in this role you will have the unique opportunity to build industry-leading closed-loop governance systems & practices for cloud-based systems.

Amazon continues to expand into new areas globally, if you enjoy working in a rapidly changing environment and influencing the strategic direction of a large global organization, this position will provide you with a challenging opportunity.

  • 3+ years of experience in security governance and regulatory compliance (e.g. PCI, HIPAA, GDPR)
  • Understanding of industry frameworks like NIST, ISO 27001.
  • Built, understand, and/or drove adoption of enterprise-scale Governance Risk and Compliance systems.
  • Executive-level written and verbal communication skills.
  • Ability to communicate effectively with both technical and non-technical individuals.
  • Excellent leadership, teamwork and collaboration skills.
  • CISSP, CISA, CISM and/or other security certifications preferred.