Technical Program Manager, Information Security
Seattle (King County) Project / Product management
Job description
DESCRIPTION
Amazon.com is looking for a Technical Program Manager (TPM) to plan and carry out difficult and complex InfoSec assignments. In this role, you will develop a deep knowledge of our systems, create and manage end-to-end remediation projects, and handle incident and investigations management to include reporting to executive leadership. You will get the opportunity to partner with Legal, product, and engineering teams to build cross-functional relationships that will support implementation of security policies and controls. If you have a roll up your sleeves and work attitude, enjoy working in a rapidly changing environment, and influencing the strategic direction of a large global organization, this position will present you with challenging opportunities.
Key tasks include:
· Help partners and business teams understand risk and compliance findings, scope/develop remediation strategies, and drive end-to-end implementation projects.
· Characterize and detail the requirements for security control and policy implementation.
· Develop and maintain strong working relationships with technical and non-technical teams involved with information security and privacy (Legal, Business Development, Internal Audit, Fraud, Physical Security, Developer Community, Networking, Systems, etc.).
· Define metrics and regular reporting mechanisms to measure employee awareness and understanding of security policies across Amazon.
· Build and execute communication and marketing strategies focused on IT controls and regulatory frameworks.
· Write and deliver high-quality documentation for technical and non-technical audiences.
· Support ad-hoc data analysis requests.
Desired profile
BASIC QUALIFICATIONS
· Bachelor's degree in Information Systems Management, Computer Science or related technical field.
· 3+ years of Technical Program Management experience.
· 5+ years of assessing/auditing and familiarity with PCI DSS, ISO 27001, HIPAA, or NIST frameworks.
· Demonstrated track record of delivering IT process improvement projects.
· Understanding of IT related controls, security policies, and implementation.
· Demonstrated experience with stakeholder management, project management, and leading through influence.
· Technical knowledge in at least one security domain such as engineering, system and network security, authentication or security protocols.