Amazon
IT Compliance Specialist, Multi-Channel Fulfillment
Amazon, Seattle, Washington, us, 98127
Key job responsibilities
Dive deep into the control environment to develop a technical understanding of control implementation and articulate compliance implications to internal and external audit functions.Improve documentation, coordinate improvement efforts, and monitor process improvement effectiveness.Operate and plug into organizational mechanisms for managing changes to the control environment and external industry standards requirements; document organizational control activities and confirm readiness of controls for audit.Develop broad domain and technical knowledge in AWS and Amazon corporate security solutions that support compliance programs.Communicate and drive remediation and continuous improvements to the security organization, the program management process and control implementation projects in coordination with the service teams. This includes resolution of audit findings and the execution of projects originated from internal assessments.Collect evidence in support of audit engagements and the relationship with the ISO/SOC2 auditors and Amazon service teams, articulate control implementation and impact, and establish considerations for applying security, privacy, and compliance concepts to a technical cloud environment.Apply a working knowledge of commercial information security and privacy regulation and policy to articulate customer and control impact and drive alignment to controls.A day in the life
As part of the SCPT team, you will build bridges between security, technology, operations, and compliance by working directly with our in-scope service teams, infrastructure teams, corporate security teams, and third-party assessors.About the team
Buy with Prime is helping people reimagine the way they shop…. wherever they do! Buy with Prime is a new way to extend Prime shopping benefits—including fast, free shipping, a seamless checkout experience, and free returns—to merchants’ own online stores, ultimately increasing selection for Prime members. For over 20 years, Amazon been empowering businesses with opportunities to grow. Buy with Prime is an exciting next step in our mission to help merchants of all sizes grow their business—whether on Amazon or beyond.MCF is a third-party logistics (3PL) solution that enables merchants to leverage Amazon’s fulfillment network and team of experts to pick, pack, ship, and deliver customer orders from off-Amazon sales channels.Minimum Requirements
5+ years of experience in security or commercial compliance work in support of highly technical, complex cloud services environment(s) or experience as an IT auditor in direct support of ISO 27001 and SOC 2 examinationsBachelor's Degree in Information Systems Management, Computer Science, Informatics, or other related fields.Certified Information Systems Auditor (CISA) or Certified Information Systems Manager (CISM)Experience communicating audit/assessment results and corrective action (i.e. remediation) plans to partners, and prioritizing and remediating findings with service/system owner.Solid technical background with experience in cloud technologies, cloud deployment models (IaaS/PaaS/SaaS), and familiarity with AWS core services (Lambda, ECS, EC2, S3, DDB, KMS, etc.)Experience working with auditors/regulators for these types of assessments.Strong organization, writing, and communication skillsPreferred Qualifications
Certified Information Systems Security Professional (CISSP), ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, Certified Cloud Practitioner, or equivalent certificationsExperience scoping and leading organizational risk assessments and documenting risk treatment plansExperience in privacy compliance consulting, control audits, or advisory workExperience engaging software development teams, who are building cloud products or services, defining technical security specifications to meet control requirements, and monitoring the team’s progress from development to release.Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.Knowledge and proficiency with Project Management tools, like Asana and ServiceNow.
#J-18808-Ljbffr
Dive deep into the control environment to develop a technical understanding of control implementation and articulate compliance implications to internal and external audit functions.Improve documentation, coordinate improvement efforts, and monitor process improvement effectiveness.Operate and plug into organizational mechanisms for managing changes to the control environment and external industry standards requirements; document organizational control activities and confirm readiness of controls for audit.Develop broad domain and technical knowledge in AWS and Amazon corporate security solutions that support compliance programs.Communicate and drive remediation and continuous improvements to the security organization, the program management process and control implementation projects in coordination with the service teams. This includes resolution of audit findings and the execution of projects originated from internal assessments.Collect evidence in support of audit engagements and the relationship with the ISO/SOC2 auditors and Amazon service teams, articulate control implementation and impact, and establish considerations for applying security, privacy, and compliance concepts to a technical cloud environment.Apply a working knowledge of commercial information security and privacy regulation and policy to articulate customer and control impact and drive alignment to controls.A day in the life
As part of the SCPT team, you will build bridges between security, technology, operations, and compliance by working directly with our in-scope service teams, infrastructure teams, corporate security teams, and third-party assessors.About the team
Buy with Prime is helping people reimagine the way they shop…. wherever they do! Buy with Prime is a new way to extend Prime shopping benefits—including fast, free shipping, a seamless checkout experience, and free returns—to merchants’ own online stores, ultimately increasing selection for Prime members. For over 20 years, Amazon been empowering businesses with opportunities to grow. Buy with Prime is an exciting next step in our mission to help merchants of all sizes grow their business—whether on Amazon or beyond.MCF is a third-party logistics (3PL) solution that enables merchants to leverage Amazon’s fulfillment network and team of experts to pick, pack, ship, and deliver customer orders from off-Amazon sales channels.Minimum Requirements
5+ years of experience in security or commercial compliance work in support of highly technical, complex cloud services environment(s) or experience as an IT auditor in direct support of ISO 27001 and SOC 2 examinationsBachelor's Degree in Information Systems Management, Computer Science, Informatics, or other related fields.Certified Information Systems Auditor (CISA) or Certified Information Systems Manager (CISM)Experience communicating audit/assessment results and corrective action (i.e. remediation) plans to partners, and prioritizing and remediating findings with service/system owner.Solid technical background with experience in cloud technologies, cloud deployment models (IaaS/PaaS/SaaS), and familiarity with AWS core services (Lambda, ECS, EC2, S3, DDB, KMS, etc.)Experience working with auditors/regulators for these types of assessments.Strong organization, writing, and communication skillsPreferred Qualifications
Certified Information Systems Security Professional (CISSP), ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, Certified Cloud Practitioner, or equivalent certificationsExperience scoping and leading organizational risk assessments and documenting risk treatment plansExperience in privacy compliance consulting, control audits, or advisory workExperience engaging software development teams, who are building cloud products or services, defining technical security specifications to meet control requirements, and monitoring the team’s progress from development to release.Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.Knowledge and proficiency with Project Management tools, like Asana and ServiceNow.
#J-18808-Ljbffr