Senior Audit Specialist, US ADC Security Audit and Risk Management Team
Arlington, Virginia, USA
Full Time Senior-level / Expert Clearance required USD 80K - 150K * est.
Amazon.com
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa...
As an Audit Specialist, you will work with Amazon technical business leaders (such as hardware and software engineering leaders and technical program managers) to conduct internal program reviews, facilitate external audits, and manage security risk.
Amazon Web Services (AWS) is the leading cloud provider, providing infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWS’s multi-tenant infrastructure. Governmental organizations are also looking to, and depending on, AWS for cloud solutions and services. Amazon Security is looking for an Audit Specialist who will contribute to a small but growing audit and risk management team who supports government workloads.
The person hired in this role will be responsible for assisting with the System Organization Controls (SOC) audits of US Dedicated Cloud regions. In furtherance of that effort, you will engage with external auditors to understand their needs and procure audit artifacts. You will also engage internally with AWS teams to explain audit requests, review evidence, and understand AWS processes. In addition to SOC examinations, you will conduct internal reviews to identify risk, design and implement internal controls, and meet with stakeholders to remediate audit findings. You will also be expected to develop competency in, or already have a working knowledge of, other regulatory requirements such as Sarbanes-Oxley Act (SOX) audits. You will coordinate with your commercial audit counterparts to complete large projects and leverage best practices. The team you will be part of leads a security risk management program. As a member of the team, you will help assess risks and determine areas for internal audits based on risk.
In this role, you will gain valuable exposure to many areas within AWS. You must be able to work independently and remain flexible. You will need to prioritize workloads and maintain strong attention to detail in a fast-paced environment. You must be able to understand complex business processes and identify internal control gaps and risks. You must have good analytical skills, solid business judgment, and the capability to drive results.
An ideal candidate for this role will have experience tackling challenging problems that span multiple organization units and developing solutions. The candidate will have strong audit, internal control, and information technology knowledge. A person in this role must have the ability to interpret contractual and regulatory compliance obligations and assess AWS compliance. This position requires coordination, communication, and buy-in with various teams. The ideal person is self-driven, works well with others, and can build long term relationships across AWS.
This position requires the candidate selected be a US Citizen and must currently possess an active TS/SCI security clearance with polygraph and satisfy other security related requirements.
Key job responsibilities
• Interpreting contractual and regulatory audit and compliance requirements and developing plans for AWS compliance
• Coordinating with external auditors and AWS service and operations teams to obtain audit evidence
• Working across a wide variety of AWS teams to assess internal controls, identify opportunities for improvement, and document conclusions
• Tracking audit remediation actions and driving corrective actions
• Conducting internal reviews and risk assessments
• Partnering with AWS’ commercial business to establish best practices
About the team
Our team is dedicated to supporting new team members. Our team has a broad mix of experience levels and Amazon tenures, and we’re building an environment that celebrates knowledge sharing and mentorship.
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.
• This position requires that the candidate selected be a US Citizen and must currently possess an active TS/SCI security clearance with polygraph and satisfy other security related requirements
• 7+ years experience in audits, internal control, or process improvement at a large scale
• Experience advising peers and managers and working across teams to achieve objectives
• Ability to think critically and design processes to achieve business strategies
• Ability to communicate clearly and effectively
• 3+ years working as an external or internal auditor.
• Certified Information System Auditor (CISA), Certified Public Accountant (CPA), or Certified Internal Auditor (CIA)
• Experience working as an audit liaison for external audits
• Experience working on SOC audits
• Experience working with internal stakeholders to develop action plans to remediate complex problems
• Experience working with information technology standards and controls in the federal government, including National Institute of Standards and Technology (NIST) publications, Intelligence Community Directives, and Department of Defense standards.
• Experience with SQL and data analytics
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
Amazon Web Services (AWS) is the leading cloud provider, providing infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWS’s multi-tenant infrastructure. Governmental organizations are also looking to, and depending on, AWS for cloud solutions and services. Amazon Security is looking for an Audit Specialist who will contribute to a small but growing audit and risk management team who supports government workloads.
The person hired in this role will be responsible for assisting with the System Organization Controls (SOC) audits of US Dedicated Cloud regions. In furtherance of that effort, you will engage with external auditors to understand their needs and procure audit artifacts. You will also engage internally with AWS teams to explain audit requests, review evidence, and understand AWS processes. In addition to SOC examinations, you will conduct internal reviews to identify risk, design and implement internal controls, and meet with stakeholders to remediate audit findings. You will also be expected to develop competency in, or already have a working knowledge of, other regulatory requirements such as Sarbanes-Oxley Act (SOX) audits. You will coordinate with your commercial audit counterparts to complete large projects and leverage best practices. The team you will be part of leads a security risk management program. As a member of the team, you will help assess risks and determine areas for internal audits based on risk.
In this role, you will gain valuable exposure to many areas within AWS. You must be able to work independently and remain flexible. You will need to prioritize workloads and maintain strong attention to detail in a fast-paced environment. You must be able to understand complex business processes and identify internal control gaps and risks. You must have good analytical skills, solid business judgment, and the capability to drive results.
An ideal candidate for this role will have experience tackling challenging problems that span multiple organization units and developing solutions. The candidate will have strong audit, internal control, and information technology knowledge. A person in this role must have the ability to interpret contractual and regulatory compliance obligations and assess AWS compliance. This position requires coordination, communication, and buy-in with various teams. The ideal person is self-driven, works well with others, and can build long term relationships across AWS.
This position requires the candidate selected be a US Citizen and must currently possess an active TS/SCI security clearance with polygraph and satisfy other security related requirements.
Key job responsibilities
• Interpreting contractual and regulatory audit and compliance requirements and developing plans for AWS compliance
• Coordinating with external auditors and AWS service and operations teams to obtain audit evidence
• Working across a wide variety of AWS teams to assess internal controls, identify opportunities for improvement, and document conclusions
• Tracking audit remediation actions and driving corrective actions
• Conducting internal reviews and risk assessments
• Partnering with AWS’ commercial business to establish best practices
About the team
Our team is dedicated to supporting new team members. Our team has a broad mix of experience levels and Amazon tenures, and we’re building an environment that celebrates knowledge sharing and mentorship.
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon conferences. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.
Basic Qualifications
• This position requires that the candidate selected be a US Citizen and must currently possess an active TS/SCI security clearance with polygraph and satisfy other security related requirements
• 7+ years experience in audits, internal control, or process improvement at a large scale
• Experience advising peers and managers and working across teams to achieve objectives
• Ability to think critically and design processes to achieve business strategies
• Ability to communicate clearly and effectively
Preferred Qualifications
• 3+ years working as an external or internal auditor.
• Certified Information System Auditor (CISA), Certified Public Accountant (CPA), or Certified Internal Auditor (CIA)
• Experience working as an audit liaison for external audits
• Experience working on SOC audits
• Experience working with internal stakeholders to develop action plans to remediate complex problems
• Experience working with information technology standards and controls in the federal government, including National Institute of Standards and Technology (NIST) publications, Intelligence Community Directives, and Department of Defense standards.
• Experience with SQL and data analytics
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
Compliance Jobs
Tags: Analytics Audits AWS CIA CISA Clearance Cloud Compliance Data Analytics NIST Polygraph Risk assessment Risk management Security Clearance SOC SOX SQL TS/SCI
Perks/benefits: Conferences Flex hours Team events
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Security Officer jobsSenior Security Analyst jobsInformation System Security Officer jobsSenior Cybersecurity Engineer jobsSystems Engineer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSystems Administrator jobsSenior Network Security Engineer jobsSenior Information Security Analyst jobsCyber Security Specialist jobsIT Security Engineer jobsChief Information Security Officer jobsSecurity Specialist jobsIT Security Analyst jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Cyber Security Engineer jobsCyber Threat Intelligence Analyst jobsSecurity Operations Analyst jobsSenior Information Security Engineer jobsThreat Intelligence Analyst jobsSenior Product Security Engineer jobsCyber Security Architect jobs
GDPR jobsSaaS jobsEncryption jobsSplunk jobsSQL jobsBash jobsEDR jobsMalware jobsTop Secret jobsThreat detection jobsFinance jobsSDLC jobsIDS jobsRMF jobsForensics jobsTerraform jobsIPS jobsDocker jobsITIL jobsIntrusion detection jobsCompTIA jobsActive Directory jobsSOC 2 jobsOWASP jobsDoDD 8570 jobs
CRISC jobsSAP jobsGIAC jobsUNIX jobsAnsible jobsHIPAA jobsSANS jobsCCSP jobsOSCP jobsVPN jobsTCP/IP jobsBanking jobsJira jobsIT infrastructure jobsJavaScript jobsMITRE ATT&CK jobsSOX jobsSOAR jobsMachine Learning jobsIndustrial jobsData Analytics jobsClearance Required jobsVMware jobsPolygraph jobsNIST 800-53 jobs