COMPLETE Manager, TPM, FSDC/Vulnerability Management - Seattle

Job Description

We are open to hiring candidates to work out of one of the following locations:

Arlington, VA, USA | New York, NY, USA | Seattle, WA, USA

Amazon Web Services (AWS) Security is looking for a passionate and innovative TPM Manager for the AWS Vulnerability Management Compliance team. At AWS, security is job zero. The AWS Vulnerability Management team continuously raises the bar for security at AWS. We combine intelligence, cybersecurity skills, risk management techniques, and technical expertise to keep our customers and the cloud secure. Our team offers the unique opportunity to work with leading industry security experts and engage across AWS service teams and leadership. We are data-driven, set big goals, and are always challenging ourselves and each other to identify better solutions and take on new challenges.

As a TPM Manager on the AWS Vulnerability Management Compliance team, you will lead a team of Technical program managers and work with Security engineers, software developers and program managers. You will collaborate with subject-matter experts across AWS on technical solutions, drive compliance programs end to end and manage large scale remediation activities.

Key job responsibilities
* Become a subject matter expert for a technology domain in AWS Vulnerability Management.
* Be a VM Compliance technical lead, providing support and mentorship to less experienced team members in day to day operations
* Author risk assessment statements, remediation guidance, and status reports
* Partner with product teams across Amazon to develop scalable solutions to VM Compliance
* Work with engineers to design and develop tooling to automate and refine VM Compliance processes
* Assist stakeholders with aligning standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, compliance policies, and risk management
* Support process improvement and control implementation projects in coordination with the service teams
* Develop a working knowledge of the operational processes and controls in place that support the Amazon Security and Compliance teams, including commercial and regulatory compliance programs.
* Perform service impact assessments of existing and emerging compliance programs
* Manage the onboarding efforts of services for audit and/or certification
* Innovation of mechanisms to better meet business processes and compliance requirements

About the team
Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. Our senior members enjoy one-on-one mentoring. We care about your career growth as a passionate learner that is motivated to take on challenges.

Work/Life Balance
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well balanced life—both in and outside of work.

We are open to hiring candidates to work out of one of the following locations:

Arlington, VA, USA | Austin, TX, USA | Chicago, IL, USA | Cupertino, CA, USA | Herndon, VA, USA | New York, NY, USA | Seattle, WA, USA

We are open to hiring candidates to work out of one of the following locations:

Arlington, VA, USA | New York, NY, USA | Seattle, WA, USA

Basic Qualifications:

* Bachelor’s degree in Information Security, Computer Science, Risk Management, Engineering, Math, Statistics or related discipline, or 10+ years’ equivalent technology experience
* Minimum of 6 years of industry experience with a proven track record of delivery following Project Management principles
* 6+ years of executive communication. Effective written and oral communication with multiple levels of leadership involving both business and technical sides of the business
* Understanding of information security, privacy frameworks, and compliance requirements
* 6+ years of experience in project/program management in a technical field which developing and maintaining stakeholder relationships across large organizations
* 6+ years of experience in security or compliance consulting or advisory work in support of a highly technical environment
* Experience with Governance, Risk, and Compliance tools, Application Security and Third-Party Security
* Hands-on experience working successfully in a very fast-paced, rapidly evolving, results-oriented environment
* Skilled in security risk analysis and making complex business/risk trade-off recommendations and decisions
* Experience in working directly with auditors/regulators in support of compliance audits for FedRAMP, PCI, SOC, ISO and other regional compliance regimes

Preferred Qualifications:

* Experience in vulnerability management or security operations.
* Experience affecting change across complex environments.
* 6+ years of experience as a technical program manager in security/software/web development organizations
* 6+ years of experience in performing technical security assessments and audits of network, operating systems, application security, and auditing IT processes
* A record of delivery of large IT process improvement projects with technology processes and/or major tech companies
* 3+ years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (PCI, SOC, ISO and other compliance regimes); CISM or CISSP
* Strong bias for action with ability to prioritize, multitask, and meet deadlines.
* Meets/exceeds Amazon’s leadership principles requirements for this role
* Meets/exceeds Amazon’s functional/technical depth and complexity for this role

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $130,900/year in our lowest geographic market up to $254,500/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. Applicants should apply via our internal or external career site.