AWS Security Assurance: Government Audits Amazon
Herndon, VA

Job Description

Are you interested in driving exceptional security for customers? Do you have a passion for cutting-edge technologies? Do you see compliance as a business enabler? Amazon Web Services (AWS) is rapidly expanding its global presence and we are looking for a highly motivated Security Assurance professional to join our Compliance Assessment Team and drive a programs as part of a team of professionals focused on global public sector (government) audits and attestations. As part of the AWS Security Assurance team, you will build the bridges between security, technology and compliance by working directly with our AWS service teams, infrastructure teams, security teams, related Amazon corporate teams, and Government authorizing officials. You will join industry-leading security professionals in supporting customers to ensure that our infrastructure is designed, operated, maintained, and protected in accordance to global regulated industry standards.

You should be a technically experienced and innovative security, compliance, and audit professional who has the ability to understand IT processes, communicate to customers, and to be able to drive innovative process changes through multiple organizations and teams.

This position will be responsible for the following activities:

* Dive deep into the AWS control environment to develop technical understanding of control implementation and articulate compliance implications to internal and external audit functions.
* Improve documentation, track progress, coordinate improvement efforts, and monitor process improvement effectiveness.
* Operate a rhythm of the business for managing changes to the control environment and in the preparation of audits; guide control owners in documenting their own control activities and confirm readiness of controls for audit.
* Develop broad domain and technical knowledge in AWS security solutions including the operational processes and controls in place that support AWS compliance programs.
* Monitor, evaluate, and continuously improve the organization by being a trusted advisor, facilitator and creative problem solver.
* Implement continuous improvements to the security organization and the program management process. Share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
* Liaise with auditors, articulate control implementation and impact, and describe considerations for applying security and compliance concepts to a technical cloud environment.
* Apply a working knowledge of global information security regulation and policy to articulate customer and control impact and drive alignment to AWS controls.
* Drive process improvement and control implementation projects in coordination with the service teams. This includes the resolution of audit findings and the execution of projects originated from internal assessments.