Security Compliance Manager, Compliance Operations
Amazon Web Services (AWS) is the leading cloud provider, for such services as virtual infrastructure, storage, networking, analytics, and enterprise applications to help global organizations move faster, lower IT costs, and scale. Businesses, from start-ups to enterprises, and Government organizations, run their operations and applications on AWS’s multi-tenant infrastructure. This is a dynamic business within Amazon.com, and one of the world’s fastest growing and evolving companies, with a team of exceptionally talented, bright and motivated people. The Compliance Operations team is responsible for ensuring operational program necessary to support AWS services, such as Background Checks and Citizenship Validations, are conducted in a compliant manner across the multiple countries where AWS operates and will expand.
AWS is looking for a Security Compliance Manager with a deep security and compliance background to lead a system development and process improvement team. As part of the AWS Security Assurance team, this candidate is a key liaison with AWS service teams, infrastructure teams, AWS Security, and other areas across the company.
As a Security Compliance Manager within the Security Assurance Compliance Operations team, you will oversee the execution our program for evaluating compliance with industry standards (ISO, SOC), federal regulations (FedRAMP/NIST, DOD) and customer contractual requirements. You will have complete ownership and accountability of programs from start to finish, aimed at improving the AWS personnel screening compliance and risk monitoring. The successful candidate is comfortable interacting with both technology and business leaders across the organization at all levels. You will drive consensus among stakeholders and verify that controls are effective, or remediated to become effective. We value personality, insight, intellectual flexibility, and sound business judgment.
This position can work out of the Arlington, VA, Herndon, VA, Washington DC, or Seattle WA AWS offices
Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship.
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well balanced life—both in and outside of work.
Key job responsibilities
Your responsibilities will include the following:
- Improvement and/or development of new screening compliance programs.
- Manager underlying programs, coordinate Stakeholder management and Sr. Leadership program update communications.
- Assist in the development and tracking of Compliance Operations metrics, such as the number of open exceptions, number of open support requests, and burndown rates for given programs.
- Develop weekly/monthly reports that capture key business trends, highlights, lowlights, and metrics as the compliance programs are conducted. Provide status, recommended updates, and detailed metrics and evidence.
- Assist in evaluating new compliance programs and requirements and help transition ongoing operations of all compliance programs to long-term control owners within the organization.
- Be comfortable influencing change, earning trust with stakeholders, enhancing the customer experience, and driving the completion of the programs you are responsible for.
- Communicate effectively at multiple levels of sensitivity and across multiple audiences.
A day in the life
On any given day this role will liaise with internal Security teams teams, audit, HR Screening Services, HR Risk and Compliance, Employee Services, Operations Security, AWS Legal, and various Services Teams.
You will assist our stakeholders stakeholders with aligning standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, policies, and risk management effectiveness.
You will ensure the ongoing screening program compliance working with cross-functional teams to meet our audit and contractual requirements.
About the team
Protection of our customer's data is one of the foremost important missions for Amazon Web Services (AWS). We are responsible for ensuring the compliance of operational programs necessary to safeguard customer data, and support AWS builders across the multiple countries where AWS operates and will expand. We do this by implementing compliance solutions that empower business growth, by delivering audit evidence based upon customer and regulatory requirements.
- Bachelor’s degree.
- 5+ years of Security Compliance program monitoring & reporting.
- 5+ years supervising a small team of security or compliance specialists.
- 5+ years proven knowledge of program management lifecycle, and skilled at project management tools.
- 5+ years experience in leading multi-organizational initiatives, and driving team accountability to achieve impactful goals.
- 4+ years of experience working in an operations environment, driving improvements resulting in measurable business impact.
- Masters degree or higher (or in the progress of working toward a higher degree).
- Advanced knowledge of NIST, ISO, SOC and/or related frameworks.
- Advanced Microsoft Excel, SQL and/or Tableau experience
- Experience supporting enterprise-wide Security Compliance programs designed to anticipate, assess, and minimize control gaps and audit findings.
- Experience with metrics-based projects and utilizing metrics to gauge risk and success.
- High level of comfort in communicating effectively across internal and external organizations.
- Understanding of the AWS service catalog.
- Meets/exceeds Amazon’s leadership principles requirements for this role
- Meets/exceeds Amazon’s functional/technical depth and complexity for this role
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.