The Ads Security team (part of Amazon’s broader Security Org – AmSec) is responsible for ensuring the Advertising businesses we support can efficiently product products that delight our customers and are secure and compliant by default. This requires us to measure, understand, and raise the Ads Organization’s security posture in a way that also enhances their velocity. We work with service teams to design and build secure solutions, participate and drive cross-organization security initiatives, and solve security challenges at scale. This is an exciting and visible role – you will directly influence Ads security posture. You will regularly interact with world-class engineers and senior leadership.
We are seeking a Sr STPM to work within Amazon Ads Security and partner with both Ad Customer Trust and Amazon InfoSec teams to raise the security bar by driving large security initiatives. If you’re passionate about Information Security, have exceptional technical depth and want to join a large scale, fast-paced organization with global impact on millions of customers, then we’d like to talk to you.
The STPM plays a crucial role in an organization’s cybersecurity efforts and is responsible for overseeing and managing security-related projects, programs, and initiatives. STPM’s primary focus is on the technical aspects of cybersecurity and DevSecOps, ensuring that security measures are effectively implemented and maintained across the organization.
The ideal candidate is passionate about leading security challenges in innovative ways. They must desire to not only find issues but also drive their remediation at a rapid pace. The ideal candidate has broad and deep technical knowledge, typically ranging from front-end UIs through to back-end systems and all points in between. This person has strong software design and implementation experience, strong knowledge of web protocols, and an in-depth knowledge of AWS tools and architecture. Experience with web services-based applications is desirable.
The candidate will help ensure that Ads Security landscape is designed and implemented to the highest security standards. You will be responsible for leading the analysis of security of applications and services, discovering and addressing security issues, help identify and manage development projects and quickly reacting to new threat scenarios. This position will provide you with an opportunity to work across development team to design and lead secure solutions, and generally solve security challenges at massive scale.
We are open to hiring candidates to work out of one of the following locations:
New York City, NY, USA ; Arlington, VA, USA
Key job responsibilities
* Own successful delivery of multiple large, high impact and highly cross-functional security program initiatives while simultaneously and accurately tracking a set of smaller projects. Drive development projects which improves and extends the security posture for Ad Technologies, etc..
* Creating program plans to support these efforts, including detailed work breakdown structures, as well as resource, communication, and risk plans
* Investigating risks and potential roadblocks, developing contingency plans so the teams don’t lose momentum, and escalating as necessary
* Own the development strategy for Ad’s Security, make a case for project priorities, resource allocation to achieve a desired business outcome, resolve an architecture deficiency, or unblock delivery
* Drive strategic cross-functional planning, leading discovery and prioritization by closely partnering with engineering leads to develop program plans, including roadmap, dependency identifications and resourcing plan.
* Establish and drive adoption of security frameworks, tools and best practices. Share your program management knowledge with engineering leadership teams. Lead post-program analysis to guide future programs.
* Communicate clearly and effectively program status and expectation to executive management on the plans, status and critical issues. Escalate urgent issues appropriately and driving them to closure in a timely manner.
* Work closely with Ad’s product teams, throughout the product’s life-cycle. Recognize, adopt and instill good developing practices from security engineering fields throughout the organization. Exercise security-by-design approach and risk-based judgment to help teams to make the right security calls.
* Maintaining and iterating on a roadmap of committed work through the current calendar year and beyond, clarify and drive project commitments as well as establish and maintain clear chains of accountability
* Provide KPI, metrics and dashboard of the program state
You demonstrate a breadth and depth of knowledge in the following disciplines:
* You recognize, lead best practices in security : secure development, cryptography, network security, security operations, systems security, policy, and incident response.
* You are considered a technical leader. You engage autonomously with product and system owners to help create, build and innovate security defense.
* You take the lead in identifying and solving ambiguous security problems, or areas where your team’s services potentially bottleneck other teams. You make security simpler.
* You are trusted to deliver multiple security solutions, at scale, and to act as a voice for the security team.
* You participate in efforts to promote and raise the security bar throughout the Ad’s organization.
• Basic Qualifications
We are open to hiring candidates to work out of one of the following locations:
Arlington, VA, USA | New York, NY, USA
BASIC QUALIFICATIONS
– 5+ years of technical product or program management experience
– 7+ years of working directly with engineering teams experience
– 3+ years of software development experience
– 5+ years of technical program management working directly with software engineering teams experience
– Experience managing programs across cross functional teams, building processes and coordinating release schedules
PREFERRED QUALIFICATIONS
– 5+ years of project management disciplines including scope, schedule, budget, quality, along with risk and critical path management experience
– Experience managing projects across cross functional teams, building sustainable processes and coordinating release schedules
– Experience defining KPI’s/SLA’s used to drive multi-million dollar businesses and reporting to senior leadership
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $119,000/year in our lowest geographic market up to $231,400/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. Applicants should apply via our internal or external career site.