Assurance Program Manager, AWS Compliance & Security Assurance

Amazon

Seattle, WA

Apply

JOB DETAILS

SKILLS

Access Control, Amazon Elastic Compute Cloud (EC2), Amazon Simple Storage Service (S3), Amazon Web Services (AWS), American Institute of Certified Public Accountants (AICPA), Auditing, Automation, CISA - Certified Information Systems Auditor, CISSP - Certified Information Systems Security Professional, Certified Public Accountant (CPA), Change Management, Cloud Computing, Communication Skills, Computer Science, Continuous Improvement, Cross-Functional, Cryptography, Customer Experience, Design Evaluation, Develop and Maintain Customers, External Audit, Financial Audit, Healthcare, ISO (International Organization for Standardization), Industry Standards, Informatics, Information Technology & Information Systems, Information Technology/Systems Audit, Information/Data Security (InfoSec), Infrastructure as a Service (IaaS), Leadership, Legal, Maintain Compliance, Management of Information Systems/Technology (MIS), Materials Management, Mathematics, Onboarding, PCI, Physical Security, Platform as a Service (PaaS), Process Improvement, Project Tracking, Project/Program Management, Requirements Management, Retail, Risk Management, Security Compliance, Security Consulting, Software Engineering, Software as a Service (SaaS), Statistics, Technical Analysis, Third-Party Payer, Time Management

LOCATION

Seattle, WA

POSTED

1 day ago

Description Are you passionate about delivering security assurance at scale and see compliance as a business enabler? Amazon Web Services (AWS) is looking for a Senior Compliance Program Manager to join our Third-Party Assurance team within AWS Security Assurance. In this role, you will own and drive the delivery of AWS's SOC compliance programs, ensuring that AWS continues to meet the highest standards of security and compliance that our customers depend on. You will partner with independent external auditors, AWS service teams, and internal compliance stakeholders to manage the full audit lifecycle from planning and evidence collection through execution, reporting, and continuous improvement. You will serve as the bridge between technical teams and auditors, translating complex control implementations into clear, structured compliance narratives. This role requires a technically experienced compliance professional who can dive deep into cloud infrastructure controls, communicate effectively with both auditors and engineers, and drive process improvements that scale across a rapidly growing portfolio of services and compliance programs. Key job responsibilities Own end-to-end delivery of SOC audit engagements, managing scope, timelines, evidence collection, auditor coordination, and report issuance to achieve clean opinions on schedule. Serve as the primary liaison between independent external auditors and AWS control owners, articulating control design and operating effectiveness, managing auditor inquiries, and coordinating walkthroughs and interviews. Drive the SOC control lifecycle, evaluating new controls for onboarding, managing material control changes, coordinating remediation of findings, and maintaining evidence baseline packages for cross-program reuse. Develop deep technical understanding of AWS's control environment, including infrastructure security, change management, access controls, encryption, and physical security, and translate that understanding into compliance narratives auditors can rely on. Reduce builder burden by streamlining evidence collection, consolidating overlapping auditor requests across programs, and investing in automation and self-service evidence mechanisms. Monitor evolving audit standards and industry frameworks (AICPA Trust Services Criteria, SSAE 18) and proactively assess impact on AWS's control environment and reporting obligations. Drive continuous improvement by identifying opportunities to strengthen controls, improve audit efficiency, and enhance the quality and reusability of evidence across SOC, ISO, PCI, and other compliance programs. Communicate program status, risks, and outcomes to senior leadership with clarity and precision, including assessment progress, remediation tracking, and strategic roadmap updates. Partner cross-functionally with internal security, compliance, engineering, and legal teams to ensure alignment across the compliance portfolio. About the team Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. Why Amazon Security? At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. Inclusive Team Culture In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices. Training & Career Growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve. Basic Qualifications - Bachelor's degree or equivalent in Information Security, Computer Science, Risk Management, Engineering, Math, Statistics, or a related discipline, or equivalent technology experience - Bachelor's Degree in Accounting, Auditing, Information Systems Management, Computer Science, Informatics, or related field - 7+ years of experience in security or compliance consulting/advisory work in support of a highly technical environment - 7+ years of experience performing and/or participating in technical assessments in direct support of a major compliance effort (e.g., SOC 1, SOC 2, PCI, HITRUST, or ISO) Preferred Qualifications - 7+ years of HR, privacy, legal, compliance or risk management experience - Experience managing SOC 1 and/or SOC 2 audit programs end-to-end (planning, fieldwork, evidence collection, auditor engagement, report issuance) - Experience working directly with external auditors or as an auditor, with a detailed understanding of evaluating the design and operating effectiveness of IT controls - Experience in cloud technologies, deployment models (IaaS/PaaS/SaaS), familiarity with AWS core services (EC2, S3, KMS, etc.), and auditing cloud environments - Experience engaging builder/engineering teams in defining technical requirements and seeing them through to development and release - Experience building certification roadmaps based on customer requirements and ensuring committed assessments are delivered on schedule - Experience in IT program/project management, IT auditing, and/or control framework development and implementation - Professional certifications: CISA, CISSP, CPA, or equivalent Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner. The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits . USA, VA, Herndon - 119,300.00 - 208,900.00 USD annually USA, WA, Seattle - 119,300.00 - 208,900.00 USD annually

About the Company

Amazon

At Amazon, we don’t wait for the next big idea to present itself. We envision the shape of impossible things and then we boldly make them reality. So far, this mindset has helped us achieve some incredible things. Let’s build new systems, challenge the status quo, and design the world we want to live in. We believe the work you do here will be the best work of your life.

Wherever you are in your career exploration, Amazon likely has an opportunity for you. Our research scientists and engineers shape the future of natural language understanding with Alexa. Fulfillment center associates around the globe send customer orders from our warehouses to doorsteps. Product managers set feature requirements, strategy, and marketing messages for brand new customer experiences. And as we grow, we’ll add jobs that haven’t been invented yet.

It’s Always Day 1
At Amazon, it’s always “Day 1.” Now, what does this mean and why does it matter? It means that our approach remains the same as it was on Amazon’s very first day – to make smart, fast decisions, stay nimble, invent, and stay focused on delighting our customers. In our 2016 shareholder letter, Amazon CEO Jeff Bezos shared his thoughts on how to keep up a Day 1 company mindset. “Staying in Day 1 requires you to experiment patiently, accept failures, plant seeds, protect saplings, and double down when you see customer delight,” he wrote. “A customer-obsessed culture best creates the conditions where all of that can happen.” You can read the full letter here

Our Leadership Principles
Our Leadership Principles help us keep a Day 1 mentality. They aren’t just a pretty inspirational wall hanging. Amazonians use them, every day, whether they’re discussing ideas for new projects, deciding on the best solution for a customer’s problem, or interviewing candidates. To read through our Leadership Principles from Customer Obsession to Bias for Action, visit https://www.amazon.jobs/principles

COMPANY SIZE

10,000 employees or more

INDUSTRY

Other/Not Classified

FOUNDED

1994

WEBSITE

http://Amazon.com/militaryroles

Resume Resources

Free Resume Templates Free Resume Builder