Senior Compliance Specialist, Compliance Remediation
DescriptionAt Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for diving deep into industry requirements, maintaining regulatory and security requirements, and establish strategies to meet current and upcoming customer and regulatory security needs. At AWS' scale, we hire experienced builders to design and operate scalable mechanisms to provide the highest level of assurance to our most regulatory conscious customers.We are looking for an industry expert to join our Compliance Remediation Team. As part of the team, you will own the workstreams critical to our continual adherence to AWS' compliance programs (e.g. FedRAMP, DoD). Our team solves complex compliance challenges, dives deep into compliance requirements for both AWS and our customers, improves processes, and drives greater efficiencies in meeting expectations. This role facilitates our ability to grow and scale our internal compliance processes and mechanisms to meet the compliance and regulatory expectations globally. You should be an experienced and industry professional who has the ability to understand IT and compliance processes, evaluate opportunities for improvement, and to be able to drive innovative campaigns across organizations and teams.Key job responsibilitiesEvaluating the effectiveness and efficiency of compliance program activities and recommend improvements to improve delivery at scale.Leading and managing projects and campaigns to implement companywide updates needed to meet the evolving needs of our customers.Creating operational mechanisms to address recurring escalation patterns and persistent challenges.Communicating to senior leadership the status and key deliverables of team initiatives, seek diverse opinions and lead improvement efforts, and lead escalations.Diving deep into the operations of AWS compliance programs to develop broad domain and technical understanding of regulatory and customer expectations to drive process improvement initiatives.Bridging communication with both technical engineering and business teams to successfully capture and implement business requirements.Transforming raw thoughts into clear technical documentation and/or direction.Operating a quality rhythm of the business for managing compliance expectations.About the teamDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.Basic Qualifications-Bachelor's Degree in Cybersecurity or other related fields, or equivalent experience-5+ years of experience in project/program management in a technical field-5+ years of IT security audit, compliance and/or relevant Federal regulatory experience-3+ years of FedRAMP, DoD, or NIST compliance program experiencePreferred Qualifications-Experience with compliance frameworks/programs including: FedRAMP, DoD SRG, NIST, and ISO-Have a record of delivery of IT process improvement projects with technology processes and/or major tech companies-Have comprehensive working knowledge of NIST SP 800-53 in relation to cloud technologies-Have experience in performing technical assessments and documentation of network, operating systems, application security, as well as auditing IT processes-Have an understanding of evaluating the design and effectiveness of IT controlsAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $107,400/year in our lowest geographic market up to $229,700/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.