Security Assessor I, SRC Security Assurance

Seattle, WA
Permanent
Full-time

1 day ago

DESCRIPTIONThe Security and Regulatory Compliance (SRC) organization is comprised of teams that provide consistent high-level judgement to help Amazon businesses comply with security regulations, policies, and Amazon's high bar for security. The Security Assurance Team serves as the primary security compliance team for Amazon. As a Security Assessor I, you will support security compliance assessments and participate in security control reviews for Amazon services. If you enjoy working in a rapidly changing environment and contributing to the security compliance of a large global organization, this position will provide you with a challenging opportunity. You will collaborate with teams to assess security controls and ensure regulatory compliance requirements are met, while supporting the secure and compliant design of systems worldwide.Bring your insight, imagination and a healthy disregard for the impossible. Join us in building and celebrating the value of security assurance. Unlock your career potential!Key job responsibilities
- Conduct security compliance assessments based on established control tests for compliance regimes (such as ISO, NIST, SOX, PCI, HIPAA, GDPR and other regulatory compliance)
- Collaborate with business/service teams to understand and validate security assessment scope
- Review security controls such as access controls, data encryption and audit logging
- Supports automation opportunities while working with Engineering teams.
- Participates in continuous improvements to the security assessment processes
- Captures and tracks information security assessment metrics and goals
- Clearly communicate deliverables, and project status to management and key technical and business stakeholders
- Documents findings and recommendations in a clear, concise and audience-specific formatAbout the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training and Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.#JoinBSTBASIC QUALIFICATIONS- Bachelor's degree in Management Information Systems, Computer Science or relevant field
- 2+ years of relevant industry experience including information assurance, data privacy and compliance in security domains
- 2+ years of information security governance, audit, risk management or related client service or consulting experience.
- Related security control and compliance experience in any of the frameworks such as: HIPAA, HITRUST, PCI DSS, GLBA, ISO, NIST, or other regulatory regimes
- Experience with security control reviews and compliance assessments
- Understanding of information security standards and frameworksPREFERRED QUALIFICATIONS- CISSP, CISA, CISM, CIPP, CEH and/or other comparable security or audit certifications preferred
- Experience in control framework development and implementation
- Related security control and compliance experience in multiple frameworks such as: HIPAA, HITRUST, PCI DSS, GLBA, ISO, NIST, or other regulatory regimes
- Experience with AWS Cloud services, managing security for AWS Cloud servicesAmazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $50,100/year in our lowest geographic market up to $107,200/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit . This position will remain posted until filled. Applicants should apply via our internal or external career site.

Amazon

Apply Now