Back to all jobs
A
Risk Manager, AWS Compliance & Security Assurance
SGP
full-timeProject/Program/Product Management--Non-TechJob Description
At Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for demonstrating the security controls of services offered by AWS. At our scale, we invent new ways to provide the highest level of assurance to our most security conscious customers.
Our team works closely with customers across industries and their auditors and regulatory agencies to understand the security shift from on-premise to the cloud, security of the cloud and customer capabilities in the cloud. Our Security Assurance specialists ensure that AWS can meet customers audit, assurance, and regulatory expectations.
We are looking for detail-oriented and passionate candidates to join our growing team of audit specialists, where you will develop foundational expertise in cloud security assurance. You will support audit evidence collection and contribute to defined audit programs across Asia-Pacific.
You should have a strong interest in geo politics, developing audit skills, developing regulatory analysis skills, and learning about technology. We expect team members and management alike to take a high degree of ownership for their program, vision and execution. You will have an opportunity to work directly with most divisions across AWS as we build the tools and evidence needed to demonstrate assurance for our customers. The skills you will learn will help bridge security, technology, and compliance across AWS in Asia Pacific.
You are someone who can prioritize well, communicate early and clearly, and will be able to demonstrate track record of delivering both personally and through your peers.
Key job responsibilities
- Collect, organize, and deliver audit evidence for defined assurance programs, initially focused on South Korea and select Asia-Pacific geographies, under the guidance of senior team members.
- Support the development and maintenance of mappings between AWS controls and audit evidence, contributing to evidence collection automation initiatives led by the team.
- Develop working knowledge of the Amazon control environment, including security activities and control implementations, applying this understanding to assigned audit and evidence collection activities
- Build foundational understanding of regulated industry compliance requirements relevant to assigned programs, and support communication of how AWS control activities address specific regulatory obligations
- Develop and maintain standard operating procedures (SOPs), workflows, and documentation related to audit evidence collection and compliance activities
- Track and manage project milestones, identify blockers, and escalate issues appropriately to ensure timely delivery of audit and compliance activities
- Apply risk management best practices and methodologies to assigned compliance and audit activities, understanding risk thresholds and taking appropriate actions when thresholds are exceeded
- Produce clear and concise written documentation including audit results, status reports, and escalation summaries for review by team leads and managers
- Promote a culture of compliance within the team by staying current on relevant regulations and best practices applicable to assigned audit programs
About the team
Diverse Experiences
AWS Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why AWS Security
At AWS, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of AWS’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Inclusive Team Culture
In AWS Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Mentorship and Career growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Our team works closely with customers across industries and their auditors and regulatory agencies to understand the security shift from on-premise to the cloud, security of the cloud and customer capabilities in the cloud. Our Security Assurance specialists ensure that AWS can meet customers audit, assurance, and regulatory expectations.
We are looking for detail-oriented and passionate candidates to join our growing team of audit specialists, where you will develop foundational expertise in cloud security assurance. You will support audit evidence collection and contribute to defined audit programs across Asia-Pacific.
You should have a strong interest in geo politics, developing audit skills, developing regulatory analysis skills, and learning about technology. We expect team members and management alike to take a high degree of ownership for their program, vision and execution. You will have an opportunity to work directly with most divisions across AWS as we build the tools and evidence needed to demonstrate assurance for our customers. The skills you will learn will help bridge security, technology, and compliance across AWS in Asia Pacific.
You are someone who can prioritize well, communicate early and clearly, and will be able to demonstrate track record of delivering both personally and through your peers.
Key job responsibilities
- Collect, organize, and deliver audit evidence for defined assurance programs, initially focused on South Korea and select Asia-Pacific geographies, under the guidance of senior team members.
- Support the development and maintenance of mappings between AWS controls and audit evidence, contributing to evidence collection automation initiatives led by the team.
- Develop working knowledge of the Amazon control environment, including security activities and control implementations, applying this understanding to assigned audit and evidence collection activities
- Build foundational understanding of regulated industry compliance requirements relevant to assigned programs, and support communication of how AWS control activities address specific regulatory obligations
- Develop and maintain standard operating procedures (SOPs), workflows, and documentation related to audit evidence collection and compliance activities
- Track and manage project milestones, identify blockers, and escalate issues appropriately to ensure timely delivery of audit and compliance activities
- Apply risk management best practices and methodologies to assigned compliance and audit activities, understanding risk thresholds and taking appropriate actions when thresholds are exceeded
- Produce clear and concise written documentation including audit results, status reports, and escalation summaries for review by team leads and managers
- Promote a culture of compliance within the team by staying current on relevant regulations and best practices applicable to assigned audit programs
About the team
Diverse Experiences
AWS Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why AWS Security
At AWS, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of AWS’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Inclusive Team Culture
In AWS Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Mentorship and Career growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.