Security Ind Specialist - PKI, Amazon Trust Services

Amazon Web Services (AWS) is the leading cloud provider for services such as: remote infrastructure, storage, networking, analytics, and enterprise applications to help global organizations move faster, lower IT costs, and scale. Businesses, from start-ups to enterprises, and Government organizations, run their operations and applications on AWS’s multi-tenant infrastructure. Security is the #1 concern of customers moving to the cloud and the AWS Cryptography team is dedicated to providing the security features our customers need. We enable customers to confidently move sensitive workloads to the cloud where they can benefit from strong security controls that help meet internal and external compliance requirements. Amazon Trust Services is the certificate authority that powers AWS Certificate Manager and generates publicly trusted certificates providing strong identity and encryption to Amazon services and customers.

As a Compliance Expert in Amazon Trust Services, you will be a part of building and executing our program for evaluating compliance with industry standards (WebTrust, ETSI, ISO, SOC, PCI), EU regulations (eIDAS, NIST), and customer contractual requirements. You will have complete ownership and accountability of programs from start to finish, aimed at improving compliance and risk monitoring for our service. The successful candidate is comfortable interacting with both technology and business leaders across the organization at all levels. You will drive consensus among stakeholders and verify that controls are effective, or remediated to become effective. We value personality, insight, intellectual flexibility, and sound business judgment.

Amazon Trust Services is part of AWS Utility Computing (UC) that provides product innovations — from foundational services such as Amazon’s Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2), to consistently released new product innovations that continue to set AWS’s services and features apart in the industry. As a member of the UC organization, you’ll support the development and management of Compute, Database, Storage, Internet of Things (Iot), Platform, and Productivity Apps services in AWS. Within AWS UC, Amazon Dedicated Cloud (ADC) roles engage with AWS customers who require specialized security solutions for their cloud services.

Key job responsibilities
Your responsibilities will include the following:
· Translate customer compliance requirements into useable and scalable engineering and operational actions. Create documentation, compliance reports and articles to enable customer and auditor inquiries.
· Define, build and maintain compliance program(s), including scope identification and validation, periodic assessments, and continuous monitoring and guidance on evolving compliance requirements. Drive automation of evidence artifact collection and control automation with engineering teams.
· Develop weekly/monthly reports that capture key business trends, highlights, lowlights, and metrics as the compliance programs are conducted. Provide status, recommended updates, and detailed metrics and evidence.
· Clearly communicate vision, deliverables, and project status to management and key technical and business stakeholders.
· Establish credibility and maintain strong working relationships with groups involved with compliance matters.


A day in the life
Our team puts a high value on work-life balance. It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life-long happiness and fulfilment.

About the team
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why AWS?
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Inclusive Team Culture
Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.
Mentorship & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud.

Basic Qualifications

· 5+ yrs of experience in information security and audit as an industry security specialist or security analyst, auditor, security engineer/architecture, security or compliance program manager, or other related experience.
· 5+ years of project management experience and demonstrated knowledge of program management best practices
· Skilled in risk management, business risk analysis, and making complex business/risk trade-off recommendations and decisions.
· Experience with implementation of security controls and driving rollout of controls.
· Project management experience and demonstrated knowledge of program management best practices

Preferred Qualifications

· Familiarity with public key infrastructure, information security principles and best practices, cryptography, certificates, or enterprise identity
· Experience with service-oriented architectures and web services security.
· Previous QSA or ISA experience.
· Security control and compliance experience in various frameworks such as: WebTrust, ETSI EN 319 411-1 and ETSI EN 319 411-2, PCI DSS, SOC, ISO, NIST, etc.
· Bachelor's degree in Engineering, Computer Science, Information Systems, Information Security or comparable experience.

Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.

m/w/d

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.