Manager, Information Security
If you love to build, to invent, to pioneer on a high performance team that's passionate about operational excellence
—we'd love to hear from you.
Amazon.com's security team is a customer-focused organization both internal and external - that strives to provide excellent customer service while meeting it's number one priority: preserving customer trust. Amazon.com is looking for a highly technical Security Engineering Manager to lead the secure and technical design of solutions for interfacing with critical partners like Salesforce. If you enjoy working in an environment with rapidly changing threat scenarios on the cutting edge of information security, this position will provide you with a challenging opportunity. Under your leadership, this team will be setting the standard for dozens of teams and hundreds of developers. You will lead a group of technical individuals to provide requirements, design, implementation reviews and delivery of shared tools and processes. This role will work closely with multiple enterprise teams, including Information Security, corporate teams, and engineering teams.
Key tasks include:
- Manage team of security engineers and technical program managers. Manage and develop the team, including hiring, retention, performance management, mentoring and capability/skill development. Manage toward company, product, and personal objectives.
- Responsible for planning and directing the day-to-day activities.
- Act as point of contact with multiple Amazon businesses for communications dealing with information security, including vulnerabilities, controls, technologies, human factors and management issues.
- Establish credibility and maintain strong working relationships with groups involved with information security matters (Legal, Internal Audit, Fraud, Physical Security, Developer Community, Networking, Systems, etc.)
- Review, suggest, and implement improvements for security practices, especially as they pertain to our external party relationships.
- Evaluate complex business and technical requirements, and communicate inherent security risks and solutions to technical and non-technical business owners.
- Lead the architecture, design, implementation, support, and evaluation of security-focused tools and services.
- Develop and deliver general security awareness and specific security technology presentations, talks and training related to our external relationships.
- Establish consistent project management processes, standards and guidelines in the execution of program wide security efforts. Engage enterprise wide teams as needed with a focus on results.
- Translate security and technical requirements into business requirements and present to Information Security leadership.
- Stay current on emerging security threats, vulnerabilities and controls.
- Evangelize security within Amazon.com and be an advocate for customer trust.
- Provide leadership and innovation in the design and implementation of security to enable new products and services.
- Experience in management of technical teams.
- Minimum 8-years of information security or related experience.
- Highly technical and hands-on is a must.
- Extensive project leadership experience.
- Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
- Strong knowledge in current security threats, trends and mitigations.
- Experience in design and delivery of enterprise-level security programs.
- Experience conducting acquisition and partner due diligence, including delivery of risk analysis reports of findings is desirable.
- Detailed technical knowledge in security engineering, system and network security, authentication and security protocols, applied cryptography, and application security.
- Experience with client side security and mobile platform security.
- Experience with development team(s) that delivered commercial software or software-based services (development, QA testing, or security role) is a plus.
- Experience with service-oriented architectures and web services security.
- Substantial experience with the application of threat modeling and other risk identification techniques.
- Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits.
- Executive-level written and verbal communication skills.
- Excellent leadership, teamwork and collaboration skills.
- Results oriented, high energy, self-motivated.
- Master's Degree in CS, Mathematics or related discipline
Founded by Jeff Bezos, the Amazon.com website started in 1995 as a place to buy books because of the unique customer experience the Web could offer book lovers. Bezos believed that only the Internet could offer customers the convenience of browsing a selection of millions of book titles in a single sitting. During the first 30 days of business, Amazon fulfilled orders for customers in 50 states and 45 countries - all shipped from his Seattle-area garage.
Amazon's evolution from Web site to e-commerce partner to development platform is driven by the spirit of innovation that is part of the company's DNA. The world's brightest technology minds come to Amazon.com to research and develop technology that improves the lives of shoppers and sellers around the world.
e-Commerce, Retail, Operations, Internet
Company Type: Public Company
Company Size: 10,001+
- Cloud Security Architect
- Cloud Security Architect
- Cloud Security Strategist
- Information Security, Security Assessor
- Manager - Infrastructure Security
- Security Architect, AmazonBooks Systems
- Security Engineer
- Security Engineer - Penetration Tester - Finance Business Services
- Security Engineer Intern
- Security Engineering Manager - Penetration Testing
- Security Operations Engineer, AWS