Principal Security Technical Program Manager
Are you passionate about risk management, data security, security architecture, compliance, privacy, and security strategy? Would you like to be a part of the team responsible for building and managing a security strategy program for Amazon's largest acquisition to date, Whole Foods Market? We need exceptionally talented, bright, and driven people. Amazon Whole Foods Market is the world’s largest provider of natural and organic groceries, and we are passionate about our mission, and protecting our customers information. We want someone ready to partner across Whole Foods Market’s technology and security engineering groups to secure and protect data. The right person will lead implementation of cutting-edge technology and programs that could included focusing on multiple cross-cutting initiatives such as Data and Network Security, Vulnerability Management, Governance, Risk, and Compliance, as well as Application and Cloud Security.
We operate in a hyper-growth environment where priorities shift quickly, so a passion and discipline around security and delivery is critical. You will tackle challenging situations every day and, given the size of this initiative, you will collaborate with various levels across Whole Foods Market and Amazon.
Key Responsibilities include:
· Manage the full life cycle of day-to-day security activities including coordination of strategic and detailed functional plans, communication with key stakeholders, and issue resolution. Create awareness of cross- functional inter-dependencies and establish prioritization for plan execution to minimize disruption on daily operations
· Lead initiatives aimed at identifying and reducing security risks for Whole Foods Market and Amazon
· Drive and partner with stakeholders (including Security Engineers) internal and/or third-party security assessment, architecture review, and or other testing within the organization and develop plans to include remediation of identified weaknesses and/or implementation of compensating controls
· Lead ambiguous and undefined problems to resolution in the face of uncertainty
· Demonstrate the ability to provide both structured and creative thinking in a dynamic and evolving environment
· Demonstrate the ability to communicate effectively at multiple levels of management, building trust across the organization, and demonstrating discretion with sensitive information
· Show ownership and leadership skills in coordinating projects across multiple teams, driving them to successful conclusion while building strong, lasting relationships with both internal and external customers
· Be comfortable working in a fast-paced, ever-changing environment while driving teams to complete goals
· Demonstrate the ability to break abstract goals into attainable, measurable work items
The ideal location of the position is Austin, TX. Additional US-based locations will be considered for the qualified candidates with frequent travel to Austin, TX when external conditions allow. Relocation available.
· Bachelor’s degree in Computer Science, Information Security, Engineering, or related field or equivalent experience.
· Minimum 10 years of information security experience
· Knowledge and skillset with modern cloud infrastructure including SaaS, PaaS, IaaS, containerization, and serverless technologies
· Solid understanding of data privacy and data security principles and best practices
· Effective at working as part of a collaborative, cross-functional team
· Knowledge of PCI DSS, SOX, CCPA, HIPAA
· High sense of ownership, urgency, and drive
· Ability to establish credibility and earn trust with a variety of Stakeholders and Leadership
· Senior-level written and verbal communication skills
· Ability to work well, collaborate, and lead within a team environment
· Masters degree in Information Systems, related field, or equivalent practical experience
· 15+ years information security experience
· Hold security certifications such as CISSP, CISM, SANS GIAC
· Experience implementation data security solutions in a large organization
· Meets/exceeds Amazon’s leadership principles requirements for this role
· Meets/exceeds Amazon’s functional/technical depth and complexity for this role
· An entrepreneurial spirit with the ability to drive innovation independently
· Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills
· Strong customer focus, ownership, sense of urgency and drive
· Familiarity with web services, multi-tiered systems, complex architectures, workflow and enterprise application integration
· Passion to make things better and resourceful, solutions-based approach to partnership
· Possess an understanding of core information security principles and associated risk management principles
· Have extensive experience with of process improvement, building, and strategic development
· Experience with large enterprise environments
· Experience with products and services
· Experience with cross-organizational collaboration and negotiation
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.