Job details
Job type full-time
Full job description
5+ years of cybersecurity experience
3+ years of software & application security experienceA solid understanding of the design approaches and industry technologies utilized in software & application security.
Security-related certifications (i.e., cissp, cism, sans giac)
Bachelor’s degree in cybersecurity, computer science, engineering, or related field
Job summary
The software security program is looking for an industry specialist to join our teamOur team’s mission is to protect our customers from software and hardware cybersecurity risks throughout the customer supply chain, which includes global fulfillment centers, amazon transportation systems, and delivery servicesThis role will be laser focused on the delivery services business unitYou will work strategically and tactically with engineering teams, management, and our customers to manage the lifecycle of a complex cross-functional software security programKey responsibilities are as follows:
Governance & strategy
Identify the systemic risks across our delivery services business unit.
Manage the lifecycle of a complex cross-functional security programBreak abstract goals into attainable, measurable work itemsDocument and help execute multi-year project plans that drive secure software and hardware development and vulnerability management initiatives.
Act as scrum master for the engineering teamsCollaborate with the business/customer, engineering, and other internal teams to scope and deliver security initiativesProactively solve day-to-day strategic and technical challengesProactively identify risks and bring them to the attention of our engineers and stakeholders with plans for mitigation before they become roadblocksPerform the administrative needs to keep the team organized along with using agile/kanban best practices.
Provide strategic and tactical program recommendations using a deep knowledge of the larger business picture (i.e., customer experience, organization goals, opportunities, problems) and the technical requirements of the solutions or security services usedHave a moderate understanding of the cybersecurity threats and risks the business/customer faces.
Manage expectations around project scope, requests, and schedule with multiple stakeholdersFoster a constructive dialogue, harmonize conflicting views, and lead the resolution of contentious issues (build consensus).
Communicate changes, verbally and in writing, to various audiences, including directors and vps.
Role model and foster an environment of continuous improvementRoutinely look for ways to simplify or innovate mechanisms to increase the team’s productivity (efficiency) and the team’s effectiveness (identifying and solving ambiguous security problems to make security simpler).
Security assessments & developer enablement
Manage the intake of security services and conduct technical kick-off sessions to allow our security engineers to perform assessments more efficiently.
Provide skilled advice and consultancy to internal customers on risk assessment, threat modeling, and fixing vulnerabilities.
Master`s degree or advanced technical degree
Experience defining kpi’s/sla’s used to drive security decisions
Experience generating automated metrics to measure service and program risk, effectiveness and consistency
Excellent written and verbal communication skills with the ability to present complex technical information clearly and concisely to a variety of audiences
Knowledge of application security vulnerabilities and remediation techniques
An entrepreneurial spirit with the ability to drive innovation independently
Experience with agile and kanban methodologies
Amazon is committed to a diverse and inclusive workplaceAmazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected statusFor individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Pursuant to the los angeles fair chance ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Pursuant to the san francisco fair chance ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Workers in new york city who perform in-person work or interact with the public in the course of business must show proof they have been fully vaccinated against covid or request and receive approval for a reasonable accommodation, including medical or religious accommodation.
Hiring insights
Job activity
Posted 30+ days ago