Amazon Senior Manager Security Engineering AWS 

United States, Washington, Seattle 

423182822

You will also advise executive leadership by recommending information security investments which mitigate risks, strengthen defenses, and reduce vulnerabilities for business activities and operations across Sales, Marketing and Global Services (SMGS). You will collaborate with customer-facing business stakeholders, legal, human resources, compliance and privacy specialists, in addition to AWS Security, to define information security requirements, specify risk mitigation workflows and engage the appropriate stakeholders to maintain operational and reputational integrity.
• Best practices in information security around access control, authentication, identity management and incident response
• Security tooling such as telemetry (logging, alerting, monitoring), drift detection, anomaly detection
• Turning high-level policy goals into repeatable actions and measurable outcomes
• Collaborating with legal and compliance authorities within AWS to understand the impact of laws and regulations to inform technical and process work products and solutions.Key job responsibilities
• Driving security initiative planning, outcomes and improvements: Participate in wider leadership across the extended SMGS EngSec functions. Establish roadmap/strategic direction for our business generally and the team specifically
• Recruiting, team management and growth: Build, lead, and develop a high-performing security team with the right mix of skills. Assess performance and manage both high and low performers
• Processional development of team members: Define team goals, provide coaching, and foster a culture of innovation and collaboration. Hire, develop, and promote technical and non-technical team members
• Security guidance documentation, training and reviews: Assess security risks, establish mitigation strategies, and develop technical roadmaps. Partner with SMGS builder teams to understand requirements and integrate security seamlessly into their work with AWS customers
• Security Escalations: Independently make short-term vs. long-term risk decisions, escalating as required. Act as a point of escalation for high-judgement decisions on information security risk, incorporating advice from teams like AWS Legal, AWS Security, and executive leadership as required
• Metrics, projections and inspections: Implement success metrics, reporting, and processes that measure program outcomes and effectiveness
A day in the life
As Sr. Manager, Security Engineering leading our GRIPP team, you will often find yourself:
• Owning and driving large-scale programs and campaigns for awareness of policy or adoption of new mechanisms
• Using automation to scale our mechanisms across the business and minimize friction around security controls
• Owning security escalation action items and informing Senior Leadership on short/medium and long-term recommendations to triage escalations and mitigate risks
• Conversing with builder teams about security, risk, and regulatory requirements
• Diving deep into the control landscape and operations AWS services and features with our builder teams
• Collaborating with our Assurance, Legal, and partner Security teams
• Bar raising our deliverables and mentoring more junior team members and builders.Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Mentorship & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance

- 10+ years of information security management
- Experience evaluating, recommending and implementing new and emerging security technologies such as AI, machine learning, and data science
- Experience managing/working with teams who use AWS

- • Experience working with regulatory frameworks, industry standards or laws, such as: ISO 27001, PCI DSS, HIPAA, GDPR
- • Experience with software development in large enterprise environments
- • Experience leveraging AI or machine learning to automate security at scale
- • Certifications or similar: AWS Certified Cloud Practitioner or equivalent experience, AWS Certified Security Specialist, Global cybersecurity certifications