AWS Security Controls Specialist, AWS Compliance & Security Assurance

Security Control Specialist

At Amazon Web Services (AWS), security is our highest priority. The AWS Security Assurance team is responsible for demonstrating the security controls of services offered by AWS. At AWS' scale, we invent new ways to provide the highest level of assurance to our most security conscious customers. We are looking for a highly motivated security control specialist with IT audit experience to join our team. As part of the team, you will be responsible for supporting developing a security controls product to serve our external audit function. You will understand the key objectives and goals of customers, regulators, and third-party audit frameworks and understand AWS controls that strategically address these goals and objectives, and work with builders to document security controls that fulfills AWS compliance requirements. Additionally, you will be responsible for understanding AWS' operational processes around controls and be able to clearly articulate and communicate to various stakeholder audiences in a variety of forms. The successful candidate is one who loves working across many stakeholders and compliance frameworks to design solutions for complex compliance challenges.

You will work directly with divisions within AWS service to improve AWS' ability to demonstrate assurances for our internal and external customers. In this role, you will facilitate open and transparent relationships with AWS internal stakeholders and customers. We seek an experienced and industry professional who can understand core compliance frameworks, dive deep into IT processes, communicate to auditors, and to be able to drive innovative process changes through multiple organizations and teams.

This position can work out of our AWS office in Arlington, VA, Herndon, VA, Seattle, WA, or New York, NY.

Key job responsibilities:

• Understand regulatory and commercial IT requirements and serve as a subject-matter expert around AWS security controls
• Write, articulate, and update security controls and/or security policies and standards and documentation.
• Review evidence needed to illustrate the key controls that exist across the AWS environment
• Communicate to key stakeholders the operational processes around AWS security practices and how controls are implemented across the environment.
• Communicate to leadership key risks and areas of program improvement, as well as seek diverse opinions and coordinate improvement efforts.
• Fielding and addressing requests in collaboration with external auditors.
• Dive deep into the AWS control environment to develop broad domain and technical understanding of AWS control activities and implementation to articulate compliance to key stakeholders.
• Bridge communication with key stakeholders and AWS technical communities to articulate control implementation.
• Operate a quality rhythm of the business for managing multiple stakeholder expectations simultaneously.

About the team:

Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.

Why Amazon Security? At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture.