Senior Security Assurance Specialist

Description Do you have a passion for applying cutting‑edge technologies and automation in traditionally manual processes? Do you have experience in finding innovative solutions to scale security controls across diverse teams and technologies? Do you have ideas about influencing the future of security assurance? At Amazon, security is our highest priority.

Come, join a creative team at Security Assurance dedicated to demonstrating the security controls of the services we offer here. At Amazon’s scale, we are committed to inventing new ways to provide the highest level of assurance to our most regulation‑conscious customers. You have a strong foundation in audit principles, as well as a diverse technology background. As part of the team, you will work with customers and regulators to demonstrate Amazon’s security controls applicable to local requirements.

You will help customers understand how our infrastructure is designed, operated, maintained, and protected in accordance with global regulated industry standards. You will help inspire, lead, and transform our audit and compliance programs through innovative process engineering across multiple organizations and teams, engaging technical and non‑technical stakeholders throughout the company. Your combination of technical and audit background will help bridge security, technology, and compliance, and facilitate the scale of the program. The successful candidate loves working across many stakeholders, including internal and external customers, to design solutions for complex compliance challenges.

You are passionate about the security of the cloud and want to solve real business problems. Our team culture encourages ownership, diversity, inclusion, and innovation. We expect team members and management alike to take a high degree of ownership for their program vision and execution of ideas. We expect this person to balance their unique perspective with those of the diverse perspectives of the team and its stakeholders.

You will have an opportunity to work directly with senior leadership within Amazon to improve our ability to demonstrate assurance for regulated customers. You should be a technically experienced and innovative security, compliance, and audit professional who can understand IT processes, communicate clearly with customers, and drive innovative process changes through multiple organizations and teams. Key Job Responsibilities Deep dive into the Amazon control environment to develop a broad domain and technical understanding of our security activities and control implementations to articulate compliance implications to both customers and internal/external audit functions. Develop a deep understanding of regulated industry compliance requirements and communicate how we control activities to meet global regulatory obligations.

Liaise with customers, regulators, and auditors, articulate control implementation, and describe considerations for applying security and compliance concepts to monitor, evaluate, and continuously improve the organization by being a trusted advisor, facilitator and creative problem‑solver. Implement continuous improvements to the security organization and the program management process. Share program/project process frameworks, tools, and best practices that can be adopted throughout the organization. Apply a working knowledge of global information security regulation and policy to articulate customer and control impact and drive alignment to Amazon controls.

About the Team Diverse Experiences – AWS Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Why AWS Security At AWS, security is central to maintaining customer trust and delivering delightful customer experiences.

Our organization is responsible for creating and maintaining a high bar for security across all of AWS’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. Inclusive Team Culture Here at Amazon, we embrace our differences. We are committed to furthering our culture of inclusion.

We have ten employee‑led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust. Work/Life Balance Our team puts a high value on work‑life balance.

It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life‑long happiness and fulfillment. We offer flexibility in working hours and encourage you to find your own balance between your work and personal lives. Mentorship & Career Growth Our team is dedicated to supporting new members.

We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better‑rounded professional and enable them to take on more complex tasks in the future. Basic Qualifications This role requires you to be a national of an EU member state. Bachelor’s, Master’s or Diploma in Computer Science, Information Systems Management, Mathematics, Accounting/Auditing, Cybersecurity or other related fields. 10+ years of working experience in performing and/or participating in IT audits and assessments of highly technical cloud‑based environments. 10+ years working in highly regulated industries (e.g. financial services, healthcare, energy, telecommunications), including direct work with European audits and frameworks such as DORA.

Auditors who have experience conducting IT audits based on ISAE 3402.

Experience

auditing COBIT, ITIL, and IT‑Grundschutz as well. 1 or more industry‑recognized security, cloud, or audit professional certifications (e.g., CISA, CISM, CISSP, CCSP, Amazon Cloud Security Practitioner). Business‑level fluency in English is required for this role. Preferred Qualifications Experience in technical security design, compliance consulting, or advisory work in support of a highly technical environment. Solid technical background and some demonstrable understanding of cloud services/deployment architecture (ideally Amazon cloud services offering).

Deep understanding of regulatory guidance, FCA guidance FG16/5, DORA requirements for Critical Service Provider, C5 requirements of the Federal Office of Information Security of Germany and other applicable standards and requirements. A record of delivery of IT process improvement projects with technology processes and/or major tech companies along with generating automated metrics to measure effectiveness and consistency.

Experience

in IT program or project management, IT auditing, and/or control framework development and implementation.

Experience

building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule. A detailed understanding of evaluating the design and effectiveness of IT controls and experience working with auditors/regulators for these types of assessments.

Experience

with Governance, Risk, and Compliance tools and technology. Strong bias for action with ability to prioritize, multi‑task, and meet deadlines. Strong verbal and written communication skills are a must, as well as the ability to work effectively across internal and external organizations. Amazon is an equal opportunities employer.

We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon.

Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner. #J-18808-Ljbffr