Amazon.com Services LLC

Systems, Quality, Security Engineering, Security Industry Specialist, amazonian experience and tech

SeniorSecurityRiskSpecialist

$119–209k Seattle, Washington, United States FULL TIME

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Senior candidates.

The Brief

“Senior Security Risk Specialist at Amazon.com Services LLC. Skills: Security risk management, Third-party risk, Benefits compliance, Regulatory requirements. Lead third-party vendor risk assessments. Evaluate security posture”

What You'll Achieve.

Mitigate risks; Drive scalable solutions; Achieve risk management outcomes; Resolve issues

Industry & Context.

Systems, Quality, Security Engineering, Security Industry Specialist, amazonian experience and tech

Problems you'll solve

Root cause analysis; Troubleshooting; Data analysis

What They're Looking For.

Must Have

Bachelor's degree or equivalent, 7+ years risk management experience, 7+ years audit experience, 7+ years legal experience, 7+ years compliance experience, Engaging with external stakeholders experience, Experience with IT compliance, Experience with risk management requirements

Nice to Have

CISSP certification, CISA certification, CISM certification, Other security certification, Advanced degree in related area, Deep knowledge of federal benefits regulations, Knowledge of state regulations, Knowledge of local regulations, Experience influencing vendor security strategies, Experience influencing vendor compliance strategies, Negotiating remediation timelines, Shaping vendor contractual obligations, Proficiency across security compliance regimes, Proficiency across security compliance frameworks

What You'll Do.

Lead third-party vendor risk assessments

Evaluate security posture

Evaluate privacy posture

Evaluate compliance posture

Define risk assessment methodologies

Iterate on risk assessment frameworks

Scale risk management capabilities

Identify long-term risks

Influence business strategy

Make independent decisions

Engage vendors on risk matters

Engage auditors on risk matters

Engage regulators on risk matters

Drive benefits compliance management

Ensure adherence to regulations

Lead risk assessments of vendor processes

Lead control assessments of vendor processes

Determine state of compliance

Analyze risk exposure

Own third-party risk review programs

Drive third-party risk review programs

Create predictable process paths

Create repeatable mechanisms

Decouple project dependencies

Prevent duplicate effort

Prevent wasted effort

Define business problems

Influence resource allocation

Develop mechanisms to inspect risk delivery

Develop mechanisms to monitor risk delivery

Develop mechanisms to improve risk delivery

Hold team to high standard

Propose recommendations

Identify correct owners

Track issues to resolution

Develop deep understanding of benefits solutions

Develop deep understanding of third-party vendors

Drive business requirements

Lead collaboration with vendors

Lead collaboration with external teams

Ensure employee-centered experiences

Understand builder experience

Understand stakeholder experience

Align third-party risk processes

Author written narratives

Recommend solutions on third-party risk

Influence the organization

Influence external partners

Drive business discussions

Drive technical discussions

Make decisions on alignment

Advise managers on risk matters

Advise directors on risk matters

Communicate risk posture to leaders

Communicate compliance gaps to leaders

Communicate strategic recommendations to leaders

Write with stakeholders

Speak with stakeholders

Network with stakeholders

Broaden influence on risk management

Develop manager communications

Develop employee communications

Develop policy positions

Develop standard operating procedures

Develop strategic narratives

Mentor junior team members

Develop junior team members

How You'll Work.

Team & Collaboration

Across the organization; With US benefits owners; With diverse stakeholders; With vendors; With external teams; With managers and directors; With key internal stakeholders; With key external stakeholders

Communication Scope

Written narratives; Verbal communication; Written communication

Process & Methodology

Agile

Full Job Description

The Benefits Experience and Technology Risk team (BXT Risk) is responsible for managing employee benefits risk activities in countries where we do business. As a Senior Security Risk Specialist on the BXT Risk team, you will serve as a subject matter expert and strategic contributor to our benefits third-party risk ecosystem, working across the organization with US benefits policy, process, and system owners to define strategies, evaluate complex risks, and drive scalable solutions that mitigate risks introduced by third-party vendors and service providers supporting the organization's US health and financial employee benefit programs. This role requires both tactical execution and strategic thinking. You will independently lead complex third-party risk assessments, influence vendor security and compliance strategies across the organization, shape how the team scales its risk management capabilities, and drive alignment across diverse stakeholders with potentially conflicting priorities. You will create predictable process paths and repeatable mechanisms that multiple teams utilize, mentor junior team members, and advise managers and directors on third-party risk matters affecting employee benefits programs. Key job responsibilities Third-Party Risk Strategy and Assessment: - Lead complex third-party vendor risk assessments across multiple benefits programs and vendor relationships, evaluating security, privacy, and compliance posture against federal, state, and local regulatory requirements - Define and iterate on risk assessment methodologies, frameworks, and mechanisms to scale for diverse vendor requirements and evolving regulatory expectations (e.g., quantitative risk models, vendor risk questionnaires, continuous monitoring approaches) - Identify long-term risks associated with third-party vendors and influence business strategy to proactively mitigate them before they materialize into risk events - Make diligent, independent decisions on how to engage vendors

Free ATS check

Applying for this Senior Security Risk Specialist role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 39 detected · ranked by frequency

Risk assessment methodologies ×3

Risk frameworks ×3

Quantitative risk models ×3

Vendor risk questionnaires ×3

Continuous monitoring approaches ×3

Remediation plans ×3

Process paths ×3

Workflows ×3

Risk management outcomes ×3

Security control design ×3

Security control testing ×3

Security control implementation ×3

Security control validation ×3

Security controls evaluation ×3

Negotiate remediation timelines ×3

Evaluate security controls ×3

Risk posture communication ×3

Compliance gaps communication ×3

Strategic recommendations communication ×3

Security risk management ×2

Third-party risk ×2

Benefits compliance ×2

Regulatory requirements ×2

Risk management

Compliance oversight

Legal analysis

Third-party risk assessment

Vendor risk management

Risk mitigation

Regulatory compliance

Process improvement

Stakeholder management

BEHAVIOURAL

LeadershipMentoring

Role Details

Experience 5–10 yrs

Level Senior

Work Mode Onsite

Type FULL TIME

Salary Band 100k-150k

AI-Extracted Insights

Domain Areas

employee-benefitsthird-party-riskhipaaerisaacacobrafederal-regulationsstate-regulations

Certifications

CISSPCISACISM

ANONYMOUS · UNFILTERED

What do employees actually say about Amazon.com Services LLC?

Real rants from real employees. Read before you apply.

Read Company Rants →