Security Assurance Specialist, Governance, Risk & Assurance

Amazon Web Services is a dynamic and rapidly growing business within Amazon.com. We provide a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers hundreds of thousands of businesses in 190 countries around the world. We provide organisations with building block web services that allow them to innovate faster and operate their software more cost-effectively. These services-in-the-cloud include on-demand compute capacity, storage, content delivery, querying of structured data, message queuing, and more. The AWS team is building and delivering the next generation of cloud computing that supports public AWS offerings like S3, EC2, and CloudFront. We are innovating new ways of building massively scalable distributed systems.

At Amazon Web Services (AWS), Security is our highest priority. At AWS' scale, we invent new ways to provide the highest level of assurance to our security conscious customers. AWS Security is looking for a Security Assurance Specialist who can prioritize well, communicate early and clearly, and has a solid understanding of security and compliance within a cloud environment. The Security Assurance Specialist will be part of the team which is responsible for demonstrating the security controls of services offered by AWS. This position will be focused on the Security Assurance function, leading on day-to-day security assurance activities, evaluating compliance and providing evidence of how they meet the requirements of our most security conscious customers.

At AWS we are obsessed with earning and maintaining customer trust. This role facilitates our ability to build and maintain that trust through our internal Security Assurance processes and mechanisms. Ideal candidates will have the ability to learn and comprehend security control implementations and operational effectiveness, AWS services, and IT and cloud auditing processes. They will also be able to evaluate opportunities for improvement, and influence across organizations and teams.

• Collaborate with internal teams and customers to establish baselines and agree the security requirements and associated security controls.
• Manage requests for evidence relating to key security controls, by working in collaboration with internal and external stakeholders.
• Responsible for reviewing the security of proposed new AWS systems, networks, and software designs for potential system security risks, and resolving integration issues related to the implementation of new services within the existing cloud infrastructure.
• Liaise between key stakeholders and AWS technical communities to articulate security control implementation.
• Dive deep into the Amazon control environment to develop broad domain and technical understanding of our security activities and control implementations to enable these to be articulated to both customers and internal/external stakeholders.
• Work across a wide variety of AWS teams to establish and maintain information security documentation.

Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

You will need to be a UK national and able to obtain and maintain a UK Government Security Clearance.

• 2+ years of professional experience in performing technical assessments or audits within a cloud environment, including working knowledge of foundational security principles and industry best practices.
• Demonstrated experience in security, audits, customer trust, control assessments, or risk assessments.
• Proven analytical and quantitative skills, and an ability to use data and metrics to back up assumptions, develop detailed reporting and drive process improvements.

• Solid foundation in service-oriented and web-service technologies.
• Experience designing and implementing systems using AWS. Familiarity with Information Security or Audit frameworks.
• Experience in the delivery of projects and programs across multiple teams.
• Strong verbal and written communications skills, as well as the ability to work effectively across internal and external organizations.
• Strong analytical and critical thinking skills with the ability to use data to back up assumptions, recommendations and drive actions.

Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit the appropriate link for more information.