Job Description

DESCRIPTION

Amazon's Information Security organization is the guardian of customer trust. We are responsible for securing products, services, networks, and operations across Amazons worldwide consumer business, leading hundreds of thousands of employees across the globe. The Third Party Security team is responsible for securing Amazon's data when it is shared with third party vendors, from payment providers to video game developers.

Information Security is looking for a highly motivated Technical Program Manager to help maintain Amazons high security bar whenever we share data outside the company. If you enjoy working at scale in a rapidly changing environment and influencing the protection of our customers within a large global organization, this position will provide you with a challenging opportunity.

You will engage with Third Party Security customers across many different Amazon business units, understanding their data sharing use cases, requirements, pain points, and challenges. You will work with those teams and third parties to deep-dive into a wide range of security disciplines and develop risk assessments to maintain Amazon data handling requirements for third party relationships.

Key tasks include:
Scope, plan, implement and deliver security projects and programs, and collaborate with Program Managers and senior leaders to align with strategic vision and goals
Act as subject matter expert on risk-based security reviews and assessments
Drive projects cross functionally, build partnerships with other organizations, and work proactively with business teams to ensure security objectives are met
Collecting/reviewing data from multiple sources to assess partner security
Building, evolving, and improving sustainable processes and measurement systems to ensure that security policy requirements are maintained
Security knowledge on current threats, trends and mitigations
Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions
Demonstrated ability to work through ambiguity to detailed solutions
Solid foundation in software engineering principles
In this role you will:
Maintain a broad understanding of the global regulatory landscape impacting Amazon. Remain current with emerging regulatory trends and solutions
Collaborate with a cross-functional team of Security Engineers, contractors, and technical program managers to deliver security reviews and assessments of external parties and Amazon team plans
Advise and guide the product management and legal team to ensure contracts with external parties have the required security terms in contracts and participate in contract negotiations with external partners at a global level
Determine strategy for highly sensitive and/or high profile assessments
Maintain metrics on global vendor security and compliance
Ensure the team delivers on security goals, and make recommendations for incremental process improvement
BASIC QUALIFICATIONS

5+ years of relevant engineering experience
2+ years of technical program management experience
Experience managing projects across cross functional teams, building sustainable processes and coordinating release schedules

PREFERRED QUALIFICATIONS

Minimum 5-8 years of information security, audit, risk management or related consulting experience
Ability to communicate effectively with both technical and non-technical stakeholders across multiple business units
Excellent leadership, teamwork and collaboration skills
Skilled in risk management, business risk analysis, and making complex business/risk trade-off recommendations and decisions.
Technical knowledge in at least one security domain such as engineering, system and network security, authentication, or security protocols
Results-oriented, high energy, self-motivated
Occasional travel may be required