Privacy Engineer, Incident Response, Devices & Services Trust, Privacy, and Accessibility (TPA)

Amazon

Bellevue, WA

JOB DETAILS
SKILLS
Access Control, Adjudication, Analysis Skills, Application Framework, Applications Security, Artificial Intelligence (AI), Authentication Software, Automation, Best Practices, C++ Programming Language, CCSP - Cisco Certified Security Professional, CEH - Certified Ethical Hacker, Cloud Computing, Code Reviews, Code of Federal Regulations, Communication Skills, CompTIA - Computing Technology Industry Association, Computer Science, Computer Security, Cross-Functional, Cryptography Software, Customer Relations, Data Analysis, Establish Priorities, Functional Programming Languages, GIAC - Global Information Assurance Certification, Go Programming Language (Golang), Identity Data Management, Incident Management, Incident Response, Information/Data Security (InfoSec), Internet Security, Java, Leadership, Legal, Machine Tool, Marketing, Mentoring, Metrics, Microsoft .NET, Network Security, Object Oriented Programming (OOP) Languages, Penetration Testing, Presentation/Verbal Skills, Privacy Controls, Problem Solving Skills, Process Improvement, Public/Media/Press/Analyst Relations, Python Programming/Scripting Language, Regulatory Requirements, Risk, Risk Analysis, Risk Management, Ruby, Secure Coding, Security Infrastructure, Software Development, Systems Administration/Management, Team Player, Threat Modeling, Time Management, Trade-Off Analysis
LOCATION
Bellevue, WA
POSTED
30+ days ago
Description Devices and Services Trust and Privacy (DSTP) is responsible for maintaining and raising the trust bar for Amazon customers across a diverse set of 30+ Devices and Services (D&S). DSTP offers horizontal services for builders to ensure trust, privacy, and accessibility is built into our products and services. We also build customer-facing capabilities that provides customers with control and transparency and reducing privacy risk, while enabling partner teams to innovate with appropriate guardrails for content moderation, privacy, accessibility, and trust. The DSTP team is looking for a passionate Security and Privacy Incident Response Engineer who can lead the response to privacy and data protection issues across Devices & Services. You must thrive in dynamic/ambiguous situations, and think like both an attacker and defender, while working through the entire incident response lifecycle. You'll be working in a global team environment where clear and accurate communication and collaboration on privacy and data protection issues is critical. In this role, you will apply your creative and critical problem solving skills to quickly contain incidents and then work with cross-functional teams to remediate the root cause. You must have a passion for engineering solutions to complex privacy and data governance challenges, and recognize and fill gaps in capabilities. Above all, you should be passionate about privacy, information security, the ever-changing threat landscape and privacy/security automation and tooling. Key job responsibilities - Manage escalated privacy and trust risk events/cases from start to finish; write detailed case notes, reports, summaries, short and long-term recommendations, and trade-off analyses for all audiences, including senior leadership. - Interact with and influence other teams (e.g., service teams, engineering, product, legal); identify experts and stakeholders on other teams to support decisions on containing incidents or mitigating privacy and trust risks; build consensus and recommendations based on analysis of the nature of potential violations to Privacy Policies, Promises, or Legal/Regulatory requirements. - Own successful delivery of large, impactful, and highly cross-functional program initiatives while simultaneously tracking a set of smaller projects. Demonstrate comfort with handling technical investigations and analysis, and provide actionable recommendations to senior leadership audience with minimal supervision. - Develop deep knowledge of global privacy and data governance obligations, processes, best practices, and solutions utilized by Amazon. Utilize this knowledge to provide recommendations and consultation to improve DSTP processes and tooling and reduce risk through control automation and enhancements. - Establish metrics and regular reporting/escalation mechanisms for measuring results, progress, and gaps in performance and compliance. - Communicate plans, status, and critical issues clearly and effectively. - Support deep dive assessments and ad-hoc data analysis requests. A day in the life This is an inherently cross-functional role where you will work directly with engineers, product managers, policy and compliance specialists, legal, PR, Marketing, and other Amazon builders to help them identify, expediently contain/mitigate privacy incidents and risks, and implement a Privacy by Design and Default culture. You will use your investigative and/or analytical experience and demonstrate your prowess and experience in writing and briefing complex cases. You will track risk assessment, validation, adjudication, and remediation actions, and ensure that teams prioritize and execute those tasks in a timely fashion. You will be responsible for knowing the ins and outs of impacted systems, and ensure the impacted builders/owners follow the correct paths to compliance. You should be comfortable working in a fast-paced, rapidly evolving environment with fast delivery time, rapid iteration, and data-driven decision-making. About the team This role is a part of our Trust Reviews and Incident Management (TRIM) team within TPA. Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and are building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional enabled to take on increasingly complex tasks as their careers progress. Basic Qualifications - Bachelor's degree in computer science or equivalent - 5+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience - CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTestPreferred Qualifications - Experience applying threat modeling or other risk identification techniques or equivalent - 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience - Experience in one or more of the following: application security frameworks, security code reviews, incident response, security infrastructure, penetration testing, mobile security, cloud security, AI security, identity and access controls Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner. The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits . USA, WA, Bellevue - 159,300.00 - 202,400.00 USD annually

About the Company

A

Amazon

At Amazon, we don’t wait for the next big idea to present itself. We envision the shape of impossible things and then we boldly make them reality. So far, this mindset has helped us achieve some incredible things. Let’s build new systems, challenge the status quo, and design the world we want to live in. We believe the work you do here will be the best work of your life.

Wherever you are in your career exploration, Amazon likely has an opportunity for you. Our research scientists and engineers shape the future of natural language understanding with Alexa. Fulfillment center associates around the globe send customer orders from our warehouses to doorsteps. Product managers set feature requirements, strategy, and marketing messages for brand new customer experiences. And as we grow, we’ll add jobs that haven’t been invented yet.

It’s Always Day 1
At Amazon, it’s always “Day 1.” Now, what does this mean and why does it matter? It means that our approach remains the same as it was on Amazon’s very first day – to make smart, fast decisions, stay nimble, invent, and stay focused on delighting our customers. In our 2016 shareholder letter, Amazon CEO Jeff Bezos shared his thoughts on how to keep up a Day 1 company mindset. “Staying in Day 1 requires you to experiment patiently, accept failures, plant seeds, protect saplings, and double down when you see customer delight,” he wrote. “A customer-obsessed culture best creates the conditions where all of that can happen.” You can read the full letter here

Our Leadership Principles
Our Leadership Principles help us keep a Day 1 mentality. They aren’t just a pretty inspirational wall hanging. Amazonians use them, every day, whether they’re discussing ideas for new projects, deciding on the best solution for a customer’s problem, or interviewing candidates. To read through our Leadership Principles from Customer Obsession to Bias for Action, visit https://www.amazon.jobs/principles
COMPANY SIZE
10,000 employees or more
INDUSTRY
Other/Not Classified
FOUNDED
1994
WEBSITE
http://Amazon.com/militaryroles