At Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for diving deep into industry requirements, maintaining regulatory and security requirements, and establish strategies to meet current and upcoming customer and regulatory security needs. At AWS’ scale, we hire experienced builders to design and operate scalable mechanisms to provide the highest level of assurance to our most regulatory conscious customers.
We are looking for an industry expert to join our Assurance Assessments Team. As part of the team, you will own the workstreams critical to our continual adherence to AWS’ HIPAA assessments and other compliance assessments (e.g. FedRAMP). Our team performs complex assessments for services and features, diving deep into the compliance and regulatory requirements necessary to be audit ready at launch. This role facilitates our ability to grow and scale our internal compliance processes and mechanisms to meet the compliance and regulatory expectations globally. You should be an experienced and industry professional who has the ability to understand regulatory requirements, specifically HIPAA, AWS services, IT and compliance processes, evaluate opportunities for improvement, and be able to influence across organizations and teams.
Key job responsibilities
Evaluating the control effectiveness and efficiency of services and features, recommending improvements to ensure their audit ready at launch.
Influencing service teams to perform assessment work in a timely manner, escalating as appropriate.
Creating operational mechanisms to address recurring escalation patterns and persistent challenges.
Communicating to senior leadership the status and key deliverables of team initiatives, seeking diverse opinions and lead improvement efforts, and lead escalations.
Bridging communication with both technical engineering and business teams to successfully capture and implement business requirements.
Diving deep into the operations of AWS compliance programs to develop broad domain and technical understanding of regulatory and customer expectations to drive process improvement initiatives.
Transforming raw thoughts into clear technical documentation and/or direction while developing and maintaining success and operational metrics.
Operating a quality rhythm of the business for managing compliance expectations.
Leading and managing projects and campaigns to implement companywide updates needed to meet the evolving needs of our customers.
A day in the life
In this role, you will work directly with service teams evaluating control implementations to ensure services and features are audit ready at general availability launch. While you will primarily work within the HIPAA space, you will work across the assessment organization as needed within other frameworks.
Additional work will include, but is not limited to:
– working with internal and external auditors
– creating and maintaining success and operational metrics
– developing and holding monthly program reviews for your operational work
– working with the HIPAA Security Officer on process improvements, policy updates, and annual assessments.
– coordinating with legal and other security teams.
About the team
Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. Our senior members enjoy one-on-one mentoring. We care about your career growth as a passionate learner that is motivated to take on challenges.
Work/Life Balance
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well balanced life-both in and outside of work.
We are open to hiring candidates to work out of one of the following locations:
Arlington, VA, USA | Herndon, VA, USA | Seattle, WA, USA
BASIC QUALIFICATIONS
– Bachelor’s Degree in Cybersecurity or other related fields, or equivalent experience
– 5+ years of experience in project/program management in a technical field
– 5+ years of IT security audit, compliance and/or relevant Federal regulatory experience
– 3+ years of HIPAA, Privacy, or FedRAMP compliance program experience
– 3+ years of experience with AWS services.
PREFERRED QUALIFICATIONS
– Juris Doctor or comparable advanced degree.
– Experience working with the HIPAA Security Officer and managing HIPAA Assessments.
– Experience performing privacy assessments and related remediation work.
– Demonstrated understanding of cloud computing services/deployment architecture
– Compliance Frameworks/Programs including: HIPAA, FedRAMP, NIST, ISO, and other Privacy frameworks.
– Have a record of delivery of IT process improvement projects with technology processes and/or major tech companies
– Have experience in assessments, authorization and continuous monitoring of cloud services and products
– Have experience in performing technical assessments and documentation of network, operating systems, application security, as well as auditing IT processes
– Have experience developing a security compliance strategy based on product roadmap
– Have an understanding of evaluating the design and effectiveness of IT controls
– Meets/exceeds Amazon’s leadership principles requirements for this role
– Meets/exceeds Amazon’s functional/technical depth and complexity for this role
#SecurityAssurance
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $91,800/year in our lowest geographic market up to $185,000/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. Applicants should apply via our internal or external career site.