This job is with Amazon, an inclusive employer and a member of myGwork the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.
Description
Do you have a passion for applying cutting edge technologies to automate traditionally manual processes Do you have experience in finding innovative solutions to scale security controls across diverse teams and technologies Do you have ideas about influencing the future of security assurance
At Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for demonstrating the security controls of services offered by AWS. At our scale, we invent new ways to provide the highest level of assurance to our most security conscious customers. Our team works closely with customers across industries and their auditors and regulatory agencies to understand the security shift from on-premise to the cloud, security of the cloud and customer capabilities in the cloud. Our industry specialists ensure that AWS can meet customers audit, assurance and regulatory expectations. We are looking for an independent, passionate, and deeply experienced security audit specialist with expertise and experience in developing and implementing technology audit and assurance programs across Asia-Pacific. You will be responsible for defining and developing an audit and assurance program for our customers and countries in Singapore and across Asia-Pacific, along with hiring and managing the team that will work in specific markets.
At our scale, we are committed to inventing new ways to provide the highest level of assurance to our most security conscious customers. You have a strong foundation in audit principles, as well as a diverse technology, privacy and assurance background. You have led teams and delivered challenging and complex audit and assurance programs. We have a team culture that encourages ownership, diversity, inclusion, and innovation. We expect team members and management alike to take a high degree of ownership for their program, vision and execution. We expect this person to balance their unique perspective with those of the diverse perspectives of the team and its stakeholders. You will have an opportunity to work directly with most divisions across AWS as we build the tools and evidence needed to demonstrate assurance for our customers. Your technical and audit background will help bridge security, technology, and compliance, and facilitate the scale of the program.
This role is responsible for AWS flagship audit, attestations and certifications. It also requires the ability to develop long-term projects and define processes and methods to ensure seamless execution across multiple internal and external stakeholders, including customers, auditors and regulatory agencies across Asia-Pacific.
You are someone who can prioritize well, communicate early and clearly, and will be able to demonstrate track record of delivering both personally and through your team. You will be a positive influencer across diverse teams, be able to effectively rally support for your initiatives and be able to help independent industry specialists drive simple, scalable solutions to meet customer and regulator expectations. You will be able to show how you have used data to escalate and drive necessary change.
Key job responsibilities
This Position Will Be Responsible For The Following Activities
- Dive deep into customers audit and assurance expectations across all industry sectors in South Korea and Asia-Pacific geographies.
- Dive deep into the Amazon control environment to develop broad domain and technical understanding of our security activities and control implementations to articulate compliance implications to both customers and internal/external audit functions.
- Develop understanding of regulated industry compliance requirements and communicate how our control activities meet global regulatory obligations.
- Develop strategic direction for security audit and assurance activities in South Korea market
- Liaise with strategic customers, regulators and auditors, articulate control implementation, and describe considerations for applying security and compliance concepts to a cloud environment.
- Monitor, evaluate, and continuously improve the organization by being a trusted adviser, facilitator and creative problem solver. Implement continuous improvements to the security organization and the program management process. Share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
- Apply a sound knowledge of global information security regulation and policy to articulate customer and regulatory impact and drive alignment to AWS environment.
About The Team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Mentorship and Career growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- 5 years of professional experience in technology and security audit and assurance activities and security implementations within regulated industries or a provider of services to regulated industries.
- 5 years of experience building and managing teams of technical, audit, assurance and regulatory specialists, with remote management experience.
- Relevant experience working directly with customers senior management, regulators and executives on financial regulatory, technology, or related policy issues.
- Bachelors or advanced degree in related area of study (Computer Science, Engineering, Cyber Security, IT Audit, Technology Risk Management, IT Security Management).
- Experience delivering programs such as PCI DSS, SOC 1/2/3, ISO 27001/27017/27018/22301/20000, TIA-942, FedRAMP, HIPAA, IRAP, FISC, OSPAR, K-ISMS, MTCS, or C5 etc.
Preferred Qualifications
- Strong verbal and written communications skills, as well as the ability to work effectively across internal and external organizations.
- Demonstrated ability to effectively and comfortably interact at senior and executive levels.
- Self-starter with proven track record of successfully working with a wide array of functional groups across an organization and cultures as well as working independently.
- Experience auditing cloud environments
- Strong analytical and critical thinking skills with the ability to use data to back up assumptions, recommendations and drive actions.