Risk Manager II - AMZ10108334

Amazon.com Inc

Austin, TX

JOB DETAILS
SALARY
$78,416–$129,800 Per Year
SKILLS
Acceptance Testing, Applications Security, Artificial Intelligence (AI), Automation, Business Administration, Business Processes, Business Solutions, Cloud Computing, Computer Security, Contract Requirements, Cross-Functional, Customer/Client Research, Data Analysis, Documentation, Establish Priorities, External Audit, Finance, Healthcare, Home Automation, Information/Data Security (InfoSec), Internet/Online Service, Know Your Customer (KYC), Leadership, Localization, Maintain Compliance, Metrics, Network Operations Center, Operations Management, PCI-DSS, Performance Analysis, Policy Implementation, Privacy Controls, Product Support, Project Design, Project Tracking, Project/Program Management, Regulations, Regulatory Compliance, Regulatory Requirements, Requirements Management, Risk Analysis, Risk Management, SQL (Structured Query Language), Schedule Development, Security Analysis, Security Compliance, Security Monitoring, System Integration (SI), Tableau, Team Lead/Manager, Testing, Threat Modeling, Vendor/Supplier Evaluation
LOCATION
Austin, TX
POSTED
8 days ago

MULTIPLE POSITIONS AVAILABLE

Employer: AMAZON.COM SERVICES LLC

Offered Position: Risk Manager II

Job Location: Austin, Texas

Job Number: AMZ10108334

Position Responsibilities:

Identify, design, develop, implement and execute new and existing processes, policies, goals, and solutions to reduce potential risks. Create schedules, identify and communicate risks to stakeholders, define risk mitigation strategies, and facilitate appropriate engineering solutions. Develop system requirements to streamline and simplify tools used to manage and enhance operational productivity, accuracy, and effectiveness for customers. Evaluate effectiveness of current or future systems. Collaborate with other departments to integrate with business systems and processes. Maintain metrics, reports, and process documentation to monitor and analyze delivery performance and key controls. Manage cross-functional teams and/or third party-vendors for implementation of project/program requirements.

Position involves security and regulatory compliance risks, specifically: information security control risks (gaps in controls protecting customer data), data localization risks (non-compliance with data residency requirements across jurisdictions), payment, healthcare and privacy security risks (e.g. vulnerabilities in digital payment systems), and regulatory non-compliance risks (failure to meet requirements of financial regulators and security standards) within cloud-based technology environments. This is accomplished by leading security compliance assessment engagements across regulatory standards for in scope global Amazon businesses across US, EU, APAC and MENA regions; analyzing regulatory requirements and mapping them to security controls within compliance platforms; conducting control testing and evaluating security artifacts; performing threat modeling and application security reviews; executing security assurance reviews; developing Generative AI and Retrieval Augmented Generation (RAG) solutions to automate compliance mapping; building automated security control monitoring using deterministic and non-deterministic testing.

The scope of managing cross-functional teams and third party vendors involves individual contributor-level authority to independently lead compliance engagements, define new security controls and test procedures, evaluate control effectiveness, identify and escalate compliance risks, and recommend remediation strategies to engineering and leadership teams. Exercises independent judgment to assess regulatory requirements, determine control applicability, prioritize risks by severity, and approve or reject assessment findings before submission to external audit facing teams. Defining engagement scope, timelines, and deliverables for security compliance projects; coordinating with payment security, enterprise controls, application security, and engineering teams; overseeing assessment progress across multiple regulatory regimes; conducting cross-functional reviews to resolve control testing queries; managing third-party vendor assessments for data center security controls and evaluating control applicability between the organization and third-party providers; tracking milestones and reporting status. For vendors, evaluates vendor security controls against regulatory requirements and escalates contractual decisions to senior management. Processes include Security Control Monitoring Automation (SCMA), Application Security Review (ASR) certification, and User Acceptance Testing (UAT) of compliance workflows. Systems include ServiceNow, Amazon Control Framework (ACF), NightWolf, Avocato, Data Classification Engine (DACE), AWS GuardDuty, and Party Rock. Products supported include digital payment and e-KYC services assessed under PCI DSS, RBI, UIDAI, CBUAE, and NESA regulatory frameworks.

Position Requirements:

Bachelor's degree or foreign equivalent degree in Business Administration, Finance, Engineering, or a related field and one year of experience in the job offered or as a Program or Project Manager, or a related occupation. Must have one year of experience in the following skill(s): managing projects from design to implementation to meet regulatory requirements; and analyzing data utilizing Excel, Tableau, or SQL.

Amazon.com is an Equal Opportunity-Affirmative Action Employer - Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation.

40 hours / week, 8:00am-5:00pm, Salary Range $78,416/year to $129,800/year.

Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, visit:

https://www.aboutamazon.com/workplace/employee-benefits.#0000

About the Company

A

Amazon.com Inc

At Amazon, we don’t wait for the next big idea to present itself. We envision the shape of impossible things and then we boldly make them reality. So far, this mindset has helped us achieve some incredible things. Let’s build new systems, challenge the status quo, and design the world we want to live in. We believe the work you do here will be the best work of your life.

Wherever you are in your career exploration, Amazon likely has an opportunity for you. Our research scientists and engineers shape the future of natural language understanding with Alexa. Fulfillment center associates around the globe send customer orders from our warehouses to doorsteps. Product managers set feature requirements, strategy, and marketing messages for brand new customer experiences. And as we grow, we’ll add jobs that haven’t been invented yet.

It’s Always Day 1
At Amazon, it’s always “Day 1.” Now, what does this mean and why does it matter? It means that our approach remains the same as it was on Amazon’s very first day – to make smart, fast decisions, stay nimble, invent, and stay focused on delighting our customers. In our 2016 shareholder letter, Amazon CEO Jeff Bezos shared his thoughts on how to keep up a Day 1 company mindset. “Staying in Day 1 requires you to experiment patiently, accept failures, plant seeds, protect saplings, and double down when you see customer delight,” he wrote. “A customer-obsessed culture best creates the conditions where all of that can happen.” You can read the full letter here

Our Leadership Principles
Our Leadership Principles help us keep a Day 1 mentality. They aren’t just a pretty inspirational wall hanging. Amazonians use them, every day, whether they’re discussing ideas for new projects, deciding on the best solution for a customer’s problem, or interviewing candidates. To read through our Leadership Principles from Customer Obsession to Bias for Action, visit https://www.amazon.jobs/principles
COMPANY SIZE
10,000 employees or more
INDUSTRY
Retail
FOUNDED
1994
WEBSITE
http://Amazon.com/militaryroles