Security Compliance Specialist, Specialized Businesses Security

• Understand and rationalize compliance requirements for service and device security.
• Provide business specific interpretations and support automation opportunities
• Review security controls that are technical in nature, such as access controls, data encryption in transit and at rest, and auditing and logging user activity
• Engage with the Business and SMEs to define and ensure compliance to information security policies
• Maintain control libraries and compliance requirements and guidance materials for various security standards and regulations

• 6+ years experience in security or compliance work in support of a highly technical environment
• 3+ years experience designing, implementing, and/or running technical GRC solutions
• Experience working with multiple security frameworks and regulations like ISO 27001/2, HIPAA, NIST 800-53, NIST CSF
• Experience writing technical documents and/or policies and standards
• Bachelor's degree in Information Security, Computer Science, Risk Management, Engineering, Information Systems, or related discipline, or 5+ years' equivalent technology experience

• Experience working directly with security engineers, auditors, and development teams
• Solid technical background and familiarity with AWS core services (EC2, S3, DDB, RDS, KMS, etc.)
• Experience with hardware and software development processes, products launches and lifecycles of devices and/or services
• Consistent demonstration of utilizing automation to solve recurring problems at scale
• Demonstrated ability to work through ambiguity to detailed solutions
• Excellent written and verbal communication skills while engaging both technical and non-technical stakeholders
• Technical knowledge in multiple security domains such as engineering, applications, system and network security, identity and authentication security protocols

Amazon