Principal Risk Manager, Governance

4 days ago


Austin, United States Amazon Full time

Description

Come be a part of a rapidly expanding $35 billion global business. At Amazon Business, a fast-growing startup passionate about building solutions, we set out every day to innovate and disrupt the status quo. We stand at the intersection of tech & retail in the B2B space developing innovative purchasing and procurement solutions to help businesses and organizations thrive. At Amazon Business, we strive to be the most recognized and preferred strategic partner for smart business buying. Bring your insight, imagination and a healthy disregard for the impossible. Join us in building and celebrating the value of Amazon Business to buyers and sellers of all sizes and industries. Unlock your career potential.

We are seeking a Security Risk Manager from a diverse background who is a creative problem solver and passionate about delivering solutions that improve both user experience and security while meeting internal and external standards and compliance requirements.

In this role, you will work across many stakeholders to design solutions that meet global industry standards and regulatory requirements. As part of the team, you will identify industry requirements, evaluate compliance requests, and deliver results that demonstrate the effectiveness of Amazon's internal security controls. In this highly visible role, you will partner with stakeholders across Amazon to execute a risk management approach, identify risks, and act as a thought leader who recommends and leads risk mitigation strategies with system and product owners across Amazon Business. You’ll apply your creative problem-solving skills and work with service teams and partner security teams to provide assurance to customers, as well as design, build, and execute high-impact security or compliance programs.

Key job responsibilities

You will be responsible for a set of long-term security outcomes. Your day-to-day job responsibilities will include:

• Building ISO 27001, SOC2, and other security and privacy certifications and attestation programs, identifying applicable security controls, assessing compliance gaps and readiness, developing remediation strategies, and driving remediation activities to completion;

• Driving certifications and assessments programs by liaising with external auditors and other Amazon security teams, articulating control implementation and impact, and establishing considerations for applying security, privacy, and compliance concepts to a technical cloud environment;

• Developing and implementing comprehensive security risk management strategies and frameworks to proactively identify, assess, mitigate and monitor security risks to the organization.

• Overseeing the organization's security risk management program, including conducting risk assessments, threat analysis, and vulnerability testing.

• Delivering recommendations and risk interpretations in a clear, concise and audience-specific format

• Developing broad domain and technical knowledge in AWS and Amazon security solutions including the operational processes and controls in place that support InfoSec compliance programs;

• Communicating to key stakeholders and leadership the operational processes around Amazon security practices and how controls are implemented across the environment;

• Communicating to leadership key risks and areas of program improvement, as well as seeking diverse opinions and coordinating improvement efforts;

• Working closely with engineering, compliance, security, and Legal teams to meet compliance and regulatory requirements and design compliance solutions;

• Serving as a subject matter expert and advisor on complex security risk issues.

Basic Qualifications

• Bachelor’s Degree in Computer Science, Information Systems Management, Cyber Security, Mathematics, Accounting/Auditing, or other related fields

• 10+ years of experience in a security risk management, regulatory, or compliance role, preferably in a large, complex organization.

• Knowledge of risk management methods and industry best practices.

• 5+ years of experience in performing implementation and technical audits/assessments in direct support of a major compliance effort (e.g., ISO 27001, SOC 2, or NIST 800 series frameworks)

• CISSP, CISA, CISM, CIA or other comparable security controls or audit certifications

• Analytical decision making with a demonstrated ability to problem-solve, make decisions in complex situations and drive issues to completion.

• Proven history of working effectively across cross-functional teams and business functions to drive positive change.

Preferred Qualifications

• 7+ years of technical program management experience

• Experience in technical security design in support of a highly technical DevSecOps and cloud environment

• Knowledge of software development lifecycles and modern transaction processing environments.

• Experience evaluating the design and effectiveness of security controls and experience working with auditors/regulators

• Skilled in making complex business/risk trade-off recommendations and decisions

• Experience communicating audit/assessment results and remediation plans with leadership, and prioritizing and remediating findings with service/system owners

• Excellent written and verbal communication and stakeholder management skills to influence decision-makers.

• Strategic thinking ability to align security risk management with broader business objectives.

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $129,800/year in our lowest geographic market up to $214,500/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.


