Amazon.com Services LLC
Security
SecurityIndustrySpecialist,CISC-CustomerandIndustrySecurityCompliance
Neural analysis suggests this role is
optimal for Mid+ candidates.
“Security Industry Specialist, CISC - Customer and Industry Security Compliance at Amazon.com Services LLC. Skills: Security compliance, Regulatory compliance, Audit support. Understand Amazon security controls. Serve as subject-matter expert”
What You'll Achieve.
Deliver Trust; Deliver Audits; Deliver Attestations
Industry & Context.
Root cause analysis
What They're Looking For.
Must Have
5+ years assessing technical processes, Experience developing unified frameworks, Experience working with security teams, Experience working with business teams
Nice to Have
Bachelor's degree, BS degree, Demonstrated understanding of cloud computing services/architecture, Experience with GRC tooling, Standard industry recognized certification
What You'll Do.
Understand Amazon security controls
Serve as subject-matter expert
Dive deep into control environment
Develop domain understanding
Develop technical understanding
Articulate compliance to stakeholders
Develop knowledge base
Vet knowledge base with partners
Communicate key risks to leadership
Communicate areas of program improvement
Seek diverse opinions
Coordinate improvement efforts
Develop understanding of industry requirements
Develop understanding of regulatory expectations
Drive process improvement initiatives
Prepare for assessments
Identify applicable controls
Assess control readiness
Recommend remediation strategies
Track remediation activities
Drive individual projects
Manage individual projects
Drive individual campaigns
Manage individual campaigns
Communicate vision to management
Communicate deliverables to management
Communicate project status to management
Communicate vision to stakeholders
Communicate deliverables to stakeholders
Communicate project status to stakeholders
Deliver recommendations
Deliver risk interpretations
Identify process improvements
Innovate process improvements
How You'll Work.
Team & Collaboration
Technical teams; Business leaders; Business partners; Security stakeholders; Internal organizations; Control owners
Communication Scope
Leadership communication; Stakeholder communication
Process & Methodology
Project management
Full Job Description
The Stores Security and Regulatory Compliance (Stores SRC) organization is currently hiring for a Security Industry Specialist to join our Customer and Industry Security Compliance (CISC) team. SRC is comprised of teams that provide consistent high-level judgement to help Amazon businesses and subsidiaries comply with security regulations, policies and Amazon’s high bar for security. The CISC Team sits within Stores SRC and serves as the primary Security Assurance team for Enterprise certifications of ISO 27001, SOC2 type 2, PCI DSS, CE and CE+ as well as Compliance reviews and external security due diligence reviews for sales enablement in Amazon. The CISC team is hiring a Security Compliance Specialist to focus on preparing for and supporting third-party attestation audits. This includes preparing reports and regulatory/industry certifications along with developing standard security response protocols for third-party inquiries submitted to Amazon, Amazon’s corporate customers, business associates, and other third party (3P) partners. The SRC team obsesses over our customers and work to ensure that they are confident that Amazon cares about data confidentiality, integrity, and availability by providing third-party attestations as proof of compliance. To support successful attestations, the SRC team identifies applicable controls, assesses their effectiveness, and works with control owners to remediate the findings. The successful candidate will be a technically experienced and innovative security and compliance professional who has the ability to understand security processes, effectively communicate with technical teams and business leaders alike, and be able to drive automated and scalable process improvements across internal organizations and teams. Key job responsibilities - Understand and serve as a subject-matter expert around Amazon security controls - Dive deep into the Amazon control environment to develop broad domain and technical understanding of contro
Applying for this Security Industry Specialist, CISC - Customer and Industry Security Compliance role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about Amazon.com Services LLC?
Real rants from real employees. Read before you apply.