Director, Global Security, Professional Services

Security is a top priority and key part of AWS's success. As expected, our enterprise customers focus on security and dive deep, while next generation customers that "get it also push us on security. Our continued growth requires both our customers to be secure, but also to feel secure. This executive leadership role owns the vision and execution that will propel worldwide Professional Services engagements to be conducted with the highest security standards.

In order to maintain customer trust, we need to continue to enhance the Professional Services delivery model to defend against the union of threats faced by any of our customers. We must do this while minimally impacting the pace of innovation within AWS and reducing customers time to value on engagements.

Getting this done requires technical leadership with broad knowledge of systems and services, both within AWS and across the industry. As AWS goes after new business opportunities, we're driven to enhance our security presentation to accommodate new verticals. The enhancements we drive on behalf of new customers will propagate beyond AWS Professional Services into teams across the company.

It is the job of this technical leader to ensure that our security voice is not only heard, but is invited into our customers' most critical discussions. They must be able to clearly articulate how we protect our customers' data, how our security can help enhance their business, and how we help them meet their compliance requirements. This leader will be seen as an industry expert, sought out for their voice and knowledge.

They will be recognized as an exemplary practitioner of the security arts. They'll be technically savvy while being balanced and pragmatic - helping our customers understand how our tools and capabilities can assist them in securing their businesses. Their technical knowledge will help educate our customers about trends, technologies, and approaches. We will combine their vision and our capabilities to drive fruitful and even game-changing technology choices.

Professional traits that are not unique to this position, but necessary for Amazon leaders:

• Excellent judgment
• Outstanding record of hiring and developing top talent
• Relentlessly high standards
• Strategic thinker able to lead tactical execution
• Innovator and problem solver
• Thinks big and has convictions
• Results oriented
• Innate ability to inspire passion in others

Basic Qualifications

As the leader of our engagement security operations & workload security teams worldwide, you will be first and foremost an owner. You will own the process of building your team - identifying the skills you require, recruiting and hiring the right staff, and advancing the state of the art. You will be expected to own operational security practices, clearly communicate goals and expectations with stakeholders, proactively identify and manage delivery risks, resolve issues, escalate when appropriate - all to drive successful customer outcomes on every engagement.

You will mentor high potential managers, helping develop them into owners of technical or operational domains in their own right. In many cases, the solutions to our security concerns lie in new services or techniques not previously considered. Were pioneering a whole new industry, and thus we need to build the protection and detection mechanisms that go with it.

15+ years of experience hiring and leading diverse multi-functional teams
7+ years of experience leading security operations
Experience assessing or building complex technical processes or building technology products or services
Experience in working with software engineers in designing systems and defining technical requirements and seeing them through to development and release
Experience working in regulated industries such as financial services, healthcare, defense or similar industries that deal with critical and sensitive data
Experience with multiple compliance standards, such as: PCI DSS, SOC 1/2/3, ISO 27001/27017/27018, FedRAMP, HIPAA, IRAP, FISC, K-ISMS, MTCS, or C5
Strong verbal and written communications skills are a must, as well as the ability to work effectively across internal and external organizations
Bachelor's Degree in Computer Science, Information Systems Management, Mathematics, Accounting/Auditing, or other related fields

Preferred Qualifications

This position has a high level of exposure, and you will need to be a strong leader, able to communicate clearly and compellingly at all levels of the company. Most important is your attitude and work ethic: leading a team of business and technology builders. As a global business with a Day One start-up mentality, we will wear many hats, work fast and smart, and adapt and iterate quickly. We're looking for someone who is ready to roll-up their sleeves and join a tightly-knit team that is tacking a really interesting and challenging global initiative.

• Experience in technical security design or compliance consulting or advisory work in support of a highly technical environment
• Solid technical background will some demonstrable understanding of cloud services/deployment architecture (ideally AWS cloud services offering)
• Experience in performing and/or participating in technical security assessments in direct support of a major compliance effort (SOC, PCI, or ISO Certification)
• Experience auditing cloud environments
• A record of delivery of IT process improvement projects with technology processes and/or major tech companies
• Experience in IT program or project management, IT auditing, and/or control framework development and implementation
• Experience defining certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule
• Experience in performing technical assessments and audits of network, operating systems, application security, and auditing IT processes
• General understanding of evaluating the design and effectiveness of IT controls and experience working with auditors/regulators for these types of assessments
• Experience in generating automated metrics to measure IT process effectiveness and consistency
• Work ethic based on a strong desire to exceed expectations
• Hands-on experience working successfully in a very fast-paced, results-oriented environment
• Strong bias for action with ability to prioritize, multi-task, and meet deadlines
• The ideal candidate is a recognized professional and respected voice in the information security and compliance community

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.