The Global Services, Security (GSS) team, a part of Amazon Web Services, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world’s workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar raising security outcomes and investment in security mechanisms and automation on behalf of our customers.
The AWS Security Assurance Services team works with our largest enterprise customers to operationalize the shared responsibility model as they migrate to the cloud. Are you a Governance, Risk, and Compliance leader who can address the challenges of migrating systems and workloads to the cloud? Are you skilled at helping executives address their enterprise risk management requirements using highly scalable computing architectures?
The AWS Security Assurance Service team, within GSS, is seeking a talented Assurance Consultant to help the expansion of the Security Assurance practice and educate our customers on how our product-led, people-powered services helps operate their business securely on AWS while also demonstrating assurance that compliance objectives can be achieved. This is an exciting opportunity to contribute at the intersection of cloud, cyber security, and compliance. You will have the opportunity to work with multiple lines of business, and learn from (and contribute to) a variety of security and compliance use cases. This is a customer facing role where success is measured by helping enable our customers in moving their workloads and regulated data into the cloud by addressing specific risk, regulatory, and compliance requirements.
We are looking for an innovative security/compliance professional who has the ability to handle a wide range of compliance requirements, is willing to dive in to the details, can translate those requirements into scalable solutions, and is able to communicate at all levels within an organization.


Key job responsibilities
- Expertise – Leads teams that include Amazonians, partners, and customers to enhance security assurance and compliance programs
- Solutions - Lead a team to define innovative compliance and risk management approaches to customers that help the customer understand how to move sensitive workloads onto the cloud faster.
- Delivery – Engagements will require working to resolve security assurance questions and to understand how to manage risk and achieve compliance while operating in the AWS Cloud through deep dive discussions, strategic presentations/recommendations, and hands on demonstrations of automating compliance in the AWS environment.
- Insights - Lead efforts with AWS engineering, support and business teams to convey partner and customer feedback as input to AWS technology roadmaps.
- Ability to travel to customer sites as needed.


About the team
AWS Security Assurance Services LLC, a PCI-QSAC (Payment Card Industry-Qualified Security Assessor company) and HITRUST External Assessor Firm, is a team of industry certified assessors, helping our customers achieve, maintain, and automate compliance in the cloud by tying together applicable audit standards to AWS service specific features and functionality.
Diverse Experiences
Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why AWS
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud.
Inclusive Team Culture
Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.
Mentorship and Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Hybrid Work
We value innovation and recognize this sometimes requires uninterrupted time to focus on a build. We also value in-person collaboration and time spent face-to-face. Our team affords employees options to work in the office every day or in a flexible, hybrid work model near one of our Amazon offices.

BASIC QUALIFICATIONS

- 5+ years experience in IT security, compliance and risk management, data privacy, or security controls.
- 3+ years experience advising customers on architectures meeting NIST-based industry standards such as NIST 800-53, FedRAMP, NIST 800-171, and CMMC.
- 3+ years experience with enterprise risk management methods and techniques to drive successful outcomes in a global enterprise environment.
- 3+ years experience assessing the security posture and producing evidence of control effectiveness in cloud environments
- Bachelor's Degree in Computer Science, Information Systems Management, Information Security or equivalent experience required.

PREFERRED QUALIFICATIONS

- Experience in performing security assessments and information system audits of network, operating systems, application security, as well as auditing IT processes.
- Clear understanding of Agile, CI/CD, DevOps approach and how they impact risk management and compliance.
- Audit certification such as Certified Information System Auditor (CISA)
- CMMC certification such as CMMC-RP
- Demonstrated ability to think strategically about business, product, and technical challenges.
- Master's Degree in Computer Science, Information Systems Management, Information Security or equivalent experience.

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.