SecurityAssessorI

The Security and Regulatory Compliance (SRC) organization is comprised of teams that provide consistent high-level judgement to help Amazon businesses comply with security regulations, policies, and Amazon's high bar for security. The Security Assurance Team serves as the primary security compliance team for Amazon. As a Security Assessor I, you will support security compliance assessments and participate in security control reviews for Amazon services. If you enjoy working in a rapidly changing environment and contributing to the security compliance of a large global organization, this position will provide you with a challenging opportunity. You will collaborate with teams to assess security controls and ensure regulatory compliance requirements are met, while supporting the secure and compliant design of systems worldwide. Bring your insight, imagination and a healthy disregard for the impossible. Join us in building and celebrating the value of security assurance. Unlock your career potential! Key job responsibilities - Conduct security compliance assessments based on established control tests for compliance regimes (such as ISO, NIST, SOX, PCI, HIPAA, GDPR and other regulatory compliance) - Collaborate with business/service teams to understand and validate security assessment scope - Review security controls such as access controls, data encryption and audit logging - Supports automation opportunities while working with Engineering teams. - Participates in continuous improvements to the security assessment processes - Captures and tracks information security assessment metrics and goals - Clearly communicate deliverables, and project status to management and key technical and business stakeholders - Documents findings and recommendations in a clear, concise and audience-specific format About the team Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we enco