Blink (Amazon’s subsidiary) Security team is growing and looking for a highly motivated security risk & compliance specialist to join our team and drive regulatory compliance requirements for our products. In this role, you will work collaboratively with various business and security teams across Amazon to identify compliance needs, assess the maturity of processes and controls, design, build, and execute high-impact security or compliance programs to ensure successful audit executions. You should be a technically experienced and innovative security, risk, compliance, and audit professional who has the ability to understand systems, security, and privacy processes, communicate to customers, and to be able to drive innovative process changes through multiple organizations and teams.
Key job responsibilities
• Understand and rationalize regulatory requirements for service and device security
• Proactively assess, identify and develop recommendations regarding data protection, insider threat, data sharing, identity and access management, and third party risk issues and vulnerabilities by working with multiple stakeholder teams, including Privacy, Legal, HR, IT, etc
• Engage with the Business and SMEs to ensure compliance to information security policies
• Review security controls that are technical in nature, such as access controls, data encryption in transit and at rest, and auditing and logging user activity
• Develop and maintain relevant security risk metrics to promote transparency across the organization; measures, monitors and reports on information security risks to management
• Maintain control libraries and compliance requirements and guidance materials for various security standards and regulations.
• Provide business specific interpretations and support automation opportunities
• Liaise with auditors, articulate control implementation and impact, and establish considerations for applying security, privacy and compliance concepts to a technical cloud environment
About the team
The Subsidiary & Acquisition Security team designs and engineers high-profile consumer devices, including the Ring, Blink, Amazon Keys, and Side walk family of products. The Subsidiary & Acquisition GRC team works to ensure that our services are designed and implemented to the high standards required to maintain and enhance customer trust. Security and Privacy are paramount to maintaining trust and we need to continue to build trusted products, maintain and operate trusted environments, and advocate trust to customers and stakeholders
Key job responsibilities
• Understand and rationalize regulatory requirements for service and device security
• Proactively assess, identify and develop recommendations regarding data protection, insider threat, data sharing, identity and access management, and third party risk issues and vulnerabilities by working with multiple stakeholder teams, including Privacy, Legal, HR, IT, etc
• Engage with the Business and SMEs to ensure compliance to information security policies
• Review security controls that are technical in nature, such as access controls, data encryption in transit and at rest, and auditing and logging user activity
• Develop and maintain relevant security risk metrics to promote transparency across the organization; measures, monitors and reports on information security risks to management
• Maintain control libraries and compliance requirements and guidance materials for various security standards and regulations.
• Provide business specific interpretations and support automation opportunities
• Liaise with auditors, articulate control implementation and impact, and establish considerations for applying security, privacy and compliance concepts to a technical cloud environment
About the team
The Subsidiary & Acquisition Security team designs and engineers high-profile consumer devices, including the Ring, Blink, Amazon Keys, and Side walk family of products. The Subsidiary & Acquisition GRC team works to ensure that our services are designed and implemented to the high standards required to maintain and enhance customer trust. Security and Privacy are paramount to maintaining trust and we need to continue to build trusted products, maintain and operate trusted environments, and advocate trust to customers and stakeholders