Skip to main content

Manager, Audit Services, AWS Security Assurance

Job ID: 1849803 | Amazon Dev Center U.S., Inc.

DESCRIPTION

Job summary
Amazon Web Services (AWS) is looking for an experienced audit manager who will be responsible for innovating in the area of audit integration, scaling compliance, and next-generation risk management. This manager will be charged with building a team to deliver on our compliance programs and developing innovative automated audit processes. This position requires a strong foundation in audit principles, as well as a diverse technology background. As an essential part of this role, you will be building and developing exceptional security and compliance programs and will enable customers to build regulated workloads on AWS. You will join industry-leading security professionals to ensure that our services are in compliance with security and privacy requirements.

You should be a technically experienced and innovative security, compliance, and audit professional who has the ability to understand IT security and privacy processes, communicate to customers, and to be able to drive innovative process changes through multiple organizations and teams. You will drive the program for managing end-to-end audit processes, including technical security requirement analysis, control implementation, auditor engagement and audit execution, enabling the program to scale with the business. You will help lead and transform the programs through innovative process changes across multiple organizations and teams, engaging technical and non-technical people throughout the company. Your combination of technical and audit background will help bridge security, technology, and compliance, and facilitate the scale of the program. As a member of the AWS Security Assurance team, you will work to engage teams across AWS Security, our field teams, auditors, and customers to deliver an innovative audit program.

Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.


Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. Our senior members enjoy one-on-one mentoring. We care about your career growth as a passionate learner that is motivated to take on challenges.


Work/Life Balance
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well balanced life—both in and outside of work.



Key job responsibilities
Key Responsibilities:

  • Executing on a collaborative audit roadmap in conjunction with internal and external stakeholders
  • Defining processes to support a technical audit platform, leveraging automation throughout the end-to-end audit process
  • Building key engagement mechanisms to engage service owners, to meet the growth needs of the business and of compliance, privacy, and transparency requirements
  • Managing business relationships and communications to service teams and stakeholders of the audit programs
  • Dive deep into the AWS control environment to develop technical understanding of control implementation, and articulate compliance implications to internal and external audit functions.
  • Set strategic direction, improve documentation, track progress, coordinate improvement efforts, and monitor process improvement effectiveness.
  • Monitor, evaluate, and continuously improve the organization by being a trusted advisor, facilitator and creative problem solver. Develop and share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
  • Liaise with auditors, articulate control implementation and impact, and establish considerations for applying security, privacy and compliance concepts to a technical cloud environment.
  • Apply a working knowledge of global information security and privacy regulation and policy to articulate customer and control impact and drive alignment to AWS controls.
  • Effectively communicate compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.

BASIC QUALIFICATIONS

· Bachelor's Degree in Accounting or Auditing, Information Systems Management, Computer Science, Informatics, or other related fields.
· 7+ years of experience in security or compliance consulting or advisory work in in support of a highly technical environment.
· 5+ years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. SOC1, SOC2, HIPAA, HITRUST, PCI, or ISO)
· Experience in working directly with auditors or as an auditor for compliance assessments.

PREFERRED QUALIFICATIONS

· Experience in technical security design, compliance consulting, or advisory work in support of a highly technical environment.
· Experience with engaging teams who are building technology products or services and experience in working with engineering in defining technical requirements and seeing them through to development and release.
· Experience auditing cloud environments.
· Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.
· Experience in IT program or project management, IT auditing, and/or control framework development and implementation.
· Experience in performing technical assessments and audits of network, operating systems, application security, and auditing IT processes.
· Solid technical background with experience in cloud technologies, cloud deployment models (IaaS/PaaS/SaaS), and familiarity with AWS core services (EC2, S3, DDB, RDS, KMS, etc.)
· A detailed understanding of evaluating the design and effectiveness of IT controls and experience working with auditors/regulators for these types of assessments.
· Meets/exceeds Amazon’s leadership principles requirements for this role.
· Meets/exceeds Amazon’s functional/technical depth and complexity for this role.




Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Workers in New York City who perform in-person work or interact with the public in the course of business must show proof they have been fully vaccinated against COVID or request and receive approval for a reasonable accommodation, including medical or religious accommodation.