Back to Jobs
A
Security Industry Specialist, Subsidiary & Acquisition GRC
Amazon·Posted 1 day ago
Full TimeMid
LocationHawthorne, California, United States
Work ArrangementOn-Site
Salary Range$102,000 – $178,400 / year
Experience2-5 years
Job Description
Blink (Amazon’s subsidiary) Security team is growing and looking for a highly motivated security risk & compliance specialist to join our team and drive regulatory compliance requirements for our products. In this role, you will work collaboratively with various business and security teams across Amazon to identify compliance needs, assess the maturity of processes and controls, design, build, and execute high-impact security or compliance programs to ensure successful audit executions. You should be a technically experienced and innovative security, risk, compliance, and audit professional who has the ability to understand systems, security, and privacy processes, communicate to customers, and to be able to drive innovative process changes through multiple organizations and teams.
Key job responsibilities
• Understand and rationalize regulatory requirements for service and device security
• Proactively assess, identify and develop recommendations regarding data protection, insider threat, data sharing, identity and access management, and third party risk issues and vulnerabilities by working with multiple stakeholder teams, including Privacy, Legal, HR, IT, etc
• Engage with the Business and SMEs to ensure compliance to information security policies
• Review security controls that are technical in nature, such as access controls, data encryption in transit and at rest, and auditing and logging user activity
• Develop and maintain relevant security risk metrics to promote transparency across the organization; measures, monitors and reports on information security risks to management
• Maintain control libraries and compliance requirements and guidance materials for various security standards and regulations.
• Provide business specific interpretations and support automation opportunities
• Liaise with auditors, articulate control implementation and impact, and establish considerations for applying security, privacy and compliance concepts to a technical cloud environment
A day in the life
The Subsidiary & Acquisition Security team designs and engineers high-profile consumer devices, including the Ring, Blink, Amazon Keys, and Side walk family of products. The Subsidiary & Acquisition GRC team works to ensure that our services are designed and implemented to the high standards required to maintain and enhance customer trust. Security and Privacy are paramount to maintaining trust and we need to continue to build trusted products, maintain and operate trusted environments, and advocate trust to customers and stakeholders
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Basic Qualifications: - Experience in security or compliance consulting or advisory work in support of a highly technical environment
- 3+ years of IT platform implementation in a technical and analytical role experience
- Bachelor's degree in computer science or equivalent, or 5+ years of IT Security experience
- 3+ years in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. NIST, SOC 2, or ISO) Preferred Qualifications: - Master's degree or above in a technical or engineering related field, such as Electrical Engineering, Computer Science, etc.
- Knowledge of one or more of the following domains: access-control system and methodology, network security, application- and system-development security, security architecture and models, cryptography, and operations security
- 1+ years of technical specialist, design and architecture experience, or AWS Professional level certification
- Knowledge of professional software engineering & best practices for full software development life cycle, including coding standards, software architectures, code reviews, source control management, continuous deployments, testing, and operational excellence
- Experience communicating across technical and non-technical audiences, including executive level stakeholders or clients
- Experience with compliance & security standards including PCI DSS, ISO 27001, HIPAA, and NIST
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
USA, CA, Hawthorne - 102,000.00 - 178,400.00 USD annually
USA, TX, Austin - 102,000.00 - 178,400.00 USD annually
Key job responsibilities
• Understand and rationalize regulatory requirements for service and device security
• Proactively assess, identify and develop recommendations regarding data protection, insider threat, data sharing, identity and access management, and third party risk issues and vulnerabilities by working with multiple stakeholder teams, including Privacy, Legal, HR, IT, etc
• Engage with the Business and SMEs to ensure compliance to information security policies
• Review security controls that are technical in nature, such as access controls, data encryption in transit and at rest, and auditing and logging user activity
• Develop and maintain relevant security risk metrics to promote transparency across the organization; measures, monitors and reports on information security risks to management
• Maintain control libraries and compliance requirements and guidance materials for various security standards and regulations.
• Provide business specific interpretations and support automation opportunities
• Liaise with auditors, articulate control implementation and impact, and establish considerations for applying security, privacy and compliance concepts to a technical cloud environment
A day in the life
The Subsidiary & Acquisition Security team designs and engineers high-profile consumer devices, including the Ring, Blink, Amazon Keys, and Side walk family of products. The Subsidiary & Acquisition GRC team works to ensure that our services are designed and implemented to the high standards required to maintain and enhance customer trust. Security and Privacy are paramount to maintaining trust and we need to continue to build trusted products, maintain and operate trusted environments, and advocate trust to customers and stakeholders
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. Basic Qualifications: - Experience in security or compliance consulting or advisory work in support of a highly technical environment
- 3+ years of IT platform implementation in a technical and analytical role experience
- Bachelor's degree in computer science or equivalent, or 5+ years of IT Security experience
- 3+ years in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. NIST, SOC 2, or ISO) Preferred Qualifications: - Master's degree or above in a technical or engineering related field, such as Electrical Engineering, Computer Science, etc.
- Knowledge of one or more of the following domains: access-control system and methodology, network security, application- and system-development security, security architecture and models, cryptography, and operations security
- 1+ years of technical specialist, design and architecture experience, or AWS Professional level certification
- Knowledge of professional software engineering & best practices for full software development life cycle, including coding standards, software architectures, code reviews, source control management, continuous deployments, testing, and operational excellence
- Experience communicating across technical and non-technical audiences, including executive level stakeholders or clients
- Experience with compliance & security standards including PCI DSS, ISO 27001, HIPAA, and NIST
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.
USA, CA, Hawthorne - 102,000.00 - 178,400.00 USD annually
USA, TX, Austin - 102,000.00 - 178,400.00 USD annually