At Amazon, we are obsessed with customer trust. Information Security enables Amazon business leaders to securely develop and operate to maintain Customer Trust by guarding the confidentiality and integrity of Amazon and customer data. We assess risk, classify data and systems, detect potential intrusion, and render useless the value of data that may be leaked.
Our teams span over 10 countries worldwide, and our focus areas include: security intelligence, application security, incident response, security operations, risk and compliance, acquisitions and subsidiaries, and external partner security. Our mission includes instilling awareness to safeguard all customer and employee data, applications, services, and assets. To accomplish this, we unite with Amazon organizations to build security best practices into enterprise-wide systems. Our guidance and leadership equip our partners to maintain high security standards. This team dives deep into security technologies and continuously raises the security bar across CDO by tackling complex engineering problems that require widespread support and multi-year execution plans.
Amazon.com is looking for a Senior Technical Program Manager (TPM) to focus on new strategic information security projects. This role will support an initiative to define and implement steps to achieve our long term security vision for customer trust, solving our most challenging problems with novel and scalable solutions. In this role, you will work with cross-functional teams of technical and non-technical key stakeholders to define strategy and interpret, communicate, and drive full lifecycle security projects. You will partner with Legal, Product teams, and Engineering teams to evaluate and develop security services and infrastructure. If you enjoy working in a rapidly changing environment and influencing the strategic direction of a large global organization, this position will provide you with a challenging opportunity.
This program will be the central point of sharing security related information and driving security related programs across Amazon’s Consumer, Digital and Other (CDO) organization. Amazon’s CDO organization includes a variety of large and growing businesses. It is inclusive of the Consumer Web site, the fulfilment centers, TV and Movie Studios, Prime Video, Devices (Alexa, Kindle, FireTV), IMDB, Zappos, Whole Foods, and many other business. The role will provide opportunities to think big, be customer obsessed, and to partner with business teams across Amazon.com. In this role, you will define, communicate and manage challenging projects across multiple teams and locations.
The successful candidate is one who loves working directly with software developers to understand their needs, and design security systems and solutions that enable developers to operate more effectively, securely and safely. We have a team culture that encourages innovation and we expect team members and management alike to take high degree of ownership for their program vision and execution of ideas. You will have the opportunity to engage with systems that are at the cutting edge of technology. You will work directly with service teams, partner security teams, and administrative teams to identify opportunities to improve our security posture. You will build tooling, drive process improvements, and work with service owners and cutting edge technology to develop innovative solutions to complex technical challenges.
You can prioritize well, communicate clearly, and have a consistent track record of delivery. You are proactive in removing roadblocks, pave the way for innovation, and can handle multiple competing priorities in a fast-paced environment. You will be a positive influencer across diverse teams, be able to effectively rally support for your initiatives, and be able to help deeply technical teams create simple solutions to meet your program goals. You are able to handle business escalations with a data-driven approach to build trust with engineers and Senior Leaders.
This position may be located in Austin TX or Arlington VA, Relocation available.
Key Responsibilities Include
- Develop and execute multi-year project plans with an impact across Amazon business units to drive security excellence across multiple security domains, such as access control, vulnerability management, and secure software development.
- Lead initiatives aimed at identifying and eliminating security risks for Amazon and its partner teams such as Corporate Development, Amazon Subsidiaries, and Business Line Security Teams
- Lead ambiguous and undefined problems to resolution in the face of uncertainty
- Demonstrate the ability to provide both structured and creative thinking in a dynamic, evolving, multi team-based environment
- Demonstrate the ability to communicate effectively at multiple levels of management, building trust across the organization, and demonstrating discretion with sensitive information
- Show ownership and leadership skills in coordinating projects across multiple teams, driving them to successful conclusion while building strong, lasting relationships with both internal and external customers
- Be comfortable working in a fast-paced, ever-changing environment while driving teams to complete goals
- Demonstrate the ability to break abstract goals into attainable, measurable work items
- Manage a cross-functional process to translate the desired customer experience into a logically sequenced and optimized product roadmap and product releases
- Define user experiences and requirements by developing high quality PR/FAQ’s and effectively prioritize and manage the scope of each product launch to deliver key capabilities on time and on budget
- Be comfortable with hands-on day-to-day problem solving, implementing quick and effective action plans to meet short term priorities
- Prepare and present business reviews to senior management
Amazon Information Security is a high visibility team that solves security challenges at a massive scale. We are looking for those who are ready to take on a lead role in addressing security issues across one of the largest and diverse companies in the world. Security issues at such scale and speed require a passion for defining and implementing robust solutions.
Joining the Information Security team provides the unique challenge and opportunity to solve security issues across a diverse set of global businesses. The ideal candidate will draw upon exemplary project management capabilities, critical thinking, problem-solving skills, and a passion for creating reliable, maintainable, and secure solutions. The candidate should be open to new challenges, proficient at multi-tasking, innovative, self-directed, and a great team player. Candidates should drive continuous process improvement and collaborate effectively with cross-functional business and security teams to solve problems and implement solutions. The candidate will interact with a broad cross-section of the Amazon organization, spanning a wide range of technologies.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
This position may be located in Austin, TX, Arlington VA or New York, NY and domestic relocation is available.
- Bachelor’s degree in Information Security, Computer Science, Risk Management, Engineering, Math, Statistics or related discipline, or additional equivalent technology experience
- 6 + years of experience in identifying security issues and risks, and developing mitigation plans
- 4+ years of experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services
- 4+ years of scripting or programming experience in Ruby, , Shell/BASH scripting, Java, C/C++, C*, Perl, or other languages
- 2+ years of experience in one or more of the following areas: identity and access management, , web and network protocols, data structures and algorithms, software development, threat modelling, pen tests, or vulnerability assessments
- Proven track record of leading the delivery and operations of large-scale, mission-critical distributed systems
- Deep hands-on technical expertise in Cyber Security and at least one relevant technical area: large scale systems engineering, queuing and messaging, Linux networking, performance analysis, software-defined networking, etc.
- Experience managing complex projects, with significant bottom-line impact
- Experience playing a visionary technical leadership role within a large organization
- Have a clear understanding of cloud computing services/deployment architecture
- Demonstrate innovative security approaches in non-traditional IT environments
- Have experience generating automated to measure service and effectiveness and consistency
- Have excellent written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences
- Have experience in the development of security products
- Demonstrable teamwork skills and resourcefulness
- Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)
- Strong sense of ownership, urgency, and drive
- Sharp analytical abilities and proven design skills
- Experience defining cyber-secure architectures, design and development of asynchronous messaging platforms
- Knowledge of networking protocols and their implementations
- Strong knowledge of data structures, algorithms, asynchronous architectures and distributed algorithms
- Deep understanding of system performance tradeoffs, load balancing, and engineering for high availability
- Masters or PhD in Computer Science or Computer Security