Technical Program Manager, AWS Security Amazon
Herndon, VA

Job Description

The AWS IT Security team is responsible for the security and availability of all services offered by AWS, as well as provides security support for teams acquired by AWS. This includes building security organizations and processes for AWS subsidiaries such as Elemental Technologies and Twitch. The AWS Security team works with services teams to design and build secure solutions, participate and coordinate cross-organization security initiatives, and solve security challenges at scale.

The AWS Security Subsidiary Security team is looking for a Security Integration Technical Program Manager (TPM) to help build and grow security operations within acquired service teams in order to address both deeply technical and programmatic security issues, as well as emerging new threats. This individual will lead security due diligence efforts, plan security integration, and execute efforts for AWS acquisitions. The role requires partnering with executive business sponsors to define key security issues for potential acquisitions, implementing actionable plans to achieve remediation of security threats, and diving deep on tactical security aspects of a service in need of extra attention. Security Integration TPMs oversee and influence cross-functional security diligence and integration teams to ensure all relevant security tasks are completed. Stakeholder groups include acquiring business and the broader AWS Security teams, technology and IT partners, HR, tax, legal, finance, open source, accounting, and communications. Security Integration TPMs serve as a vital bridge between acquired teams and security teams.

Successful Security Integration TPM's at Amazon are self-starters, able to work autonomously, natural problem solvers, collaborative, and not fazed by adversity or ambiguity. You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cloud security threats, the ability to influence people from customers to managers thru technical solutions, and the desire to be an individual contributor to securing Amazon's next generation technology.

RESPONSIBILITES INCLUDE:

* Work with engineering teams across AWS to prioritize security issues identified during Security Due Diligence and Application Security Reviews.
* Provide expert advice and consultancy to internal customers on risk assessment, incident triage, threat modeling, and security vulnerability mitigation.
* Implement information security controls and patterns that support risk assessments and the development of secure architectures.

o This will involve understanding AWS service interdependencies and driving secure technical solutions for multi-tiered systems.

* Collaborate with engineering teams to drive product roadmaps, by providing security requirements that map security controls to service features.
* Address bottlenecks, provide escalation management, anticipate and make tradeoffs, and balance the business needs versus technical constraints.
* Partner with multiple teams across multiple locations with varying sets of priorities to ensure a timely delivery of the secure solutions.
* Clarify and drive project commitments as well as establish and maintain clear chains of accountability.
* Lead internal process improvement projects, including the development and implementation of internal security tools.
* Provide security training and outreach to internal development teams.
* Provide security guidance documentation.
* Lead MVP development of security tools.
* Work with team to create regular cadence reporting for internal projects and integration activities.
* Identify process improvements and automation opportunities for generating regular cadence reports.
* Provide assistance with recruiting activities and administrative work.