Sr. Technical Industry Specialist: Government Audits
Seattle (King) Accounting / Management control
Job description
DESCRIPTION
Are you interested in driving exceptional security for customers? Do you have a passion for cutting-edge technologies? Do you see compliance as a business enabler? Do you like diving deep into technical architecture driving great security and compliance?
Amazon Web Services (AWS) is rapidly expanding its global presence and we are looking for a highly motivated Security Assurance professional focused on US Public sector programs to join our Compliance Assessment Team. As part of the AWS Security Assurance team, you will build the bridges between security, technology and compliance by working directly with our AWS service teams, infrastructure teams, security teams, related Amazon Corporate teams, regulatory agencies, and Government authorizing officials. You will join industry-leading security professionals in opening new markets and supporting customers to ensure that our infrastructure is designed, operated, maintained, and protected in accordance with FedRAMP, DOD and other global security standards (SOC, ISO, PCI). The position requires working with AWS service teams to lead them through security assessments, technology reviews and documentation changes. The candidate should be a technically experienced and innovative security/compliance professional. You will work with AWS service teams to assist them in understanding security requirements, document security control implementations, and coordinate technical exchanges with independent assessment teams.
Key Responsibilities:
Manage and drive complex cross-functional security assurance and compliance initiatives among internal and external teams. Interface with key stakeholders to estimate work efforts, define milestones and manage resources. Track progress, understand dependencies, evaluate risks and communicate status to upper management and project stakeholders.
Provide consultative support to internal teams and business partners and identify opportunities to advance security implementations with the objective of mitigating risk and improving operational performance.
Understand and evaluate security and compliance implementations and propose technical alternatives that address applicable compliance programs such as: FedRAMP, DOD SRG CC, PCI, SOC, ISO.
Develop broad domain and technical knowledge in AWS security solutions.
Facilitate knowledge management and communication to improve project delivery.
Monitor, evaluate, and continuously improve the organization by being a trusted adviser, facilitator, and creative problem solver. Implement continuous improvements to the security organization and the program management process. Share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
BASIC QUALIFICATIONS
· Bachelor's Degree in Informatics, Information Systems Management, IT Security, Business Management, related fields or equivalent experience.
· Minimum of 5 years of experience in security and/or compliance consulting, IT audit/compliance and/or information security program management.
· 5 years of project management experience.
· 5 years of experience with and direct exposure to applicable laws, regulations, standards and guidance such as FISMA, NIST 800-53, FIPS, FedRAMP, SOC, PCI, ISO 27001, ISO 27017, ISO 27018, ISO 9001, ENS
PREFERRED QUALIFICATIONS
· Master's Degree in Informatics, Information Systems Management, IT Security, Business Management, Infrastructure Management and Planning, related fields or equivalent experience.
· 3 years of leading financial industry regulatory audits.
· Experience in supporting technical assessments and audits of network, operating systems, and/or application security; experience in working directly with government officials and/or auditors.
· Experience with cloud computing services/deployment architecture
· Experience managing an audit/assessment for ISO, SOC, PCI or similar certification programs.
· Experience with Federal Risk and Authorization Management Program (FedRAMP), Risk Management Framework (RMF), Continuous Monitoring Reporting
· Experience applying and incorporating new and emerging cybersecurity technologies and trends into proposed solutions
· Experience applying security system design tools, methods, and techniques.
· Understanding of cryptography and cryptographic key management concepts.
· Experience with Governance, Risk, and Compliance tools and technology.
· Experience in generating automated metrics to measure IT process effectiveness and consistency.
· Familiarity with enterprise productivity tools, such as SharePoint, Remedy trouble ticketing systems, etc.
· Hands-on experience working successfully in a very fast-paced, rapidly evolving, results-oriented environment.
· Strong bias for action with ability to prioritize, multi-task, and meet deadlines.
· Meets/exceeds Amazon's leadership principles requirements for this role
· Meets/exceeds Amazon's functional/technical depth and complexity for this role
Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.