You have hundreds of thousands of hosts, hundreds of millions of lines of code, billions of online transactions, and one of the most visited sites on the Internet. Now go secure it. At Amazon, we obsess over our customers, and ensuring our customers' trust is our first priority. To earn that trust in an environment as vast and varied as Amazon's and an online world where threats grow ever more sophisticated requires building a world-class information security team to tackle never-before-seen challenges at dizzying scales. You will not just be using cutting-edge security technologies here in Amazon; you will be inventing them.
Amazon's Application Security team is looking for a Technical Program Manager to drive the next generation of our security program through multiple high-visibility programs. As a member of the team, you will work closely with leadership, business partners, and engineering teams to define, develop, and release security recommendations and technical solutions that drive security value, automation, and operational improvements across the business.
The ideal candidate will have a strong background and passion in program management and application security, with experience leading enterprise-level technical projects across cloud and distributed service infrastructures.
· Evaluating complex business and technical requirements, communicating inherent security risks and solutions to technical and non-technical business owners.
· Working with engineering, product management, and compliance teams across Amazon to design, develop, deploy, and maintain scalable security solutions in a heterogeneous environment with both “bought” and “built” technologies.
· Understand customer needs, define clear project plans and execute to high expectations in a rapidly changing environment
· Be the glue that is able to prioritize and manage technical dependencies across teams
· Dive deep to gather security requirements from appropriate stakeholders and write clear, detailed level requirements
· Interact and communicate with Project Stakeholders throughout the lifecycle of the project
· Drive awareness of security guidelines, secure-by-default configurations, and technological implementations
· Resolve roadblocks through driving trade-off decisions to move work forward
· Deliver correct security results to customers and the business
· Define, measure, and utilize project/program KPIs
· Identify and drive continuous process improvements across security programs and services
Ideal candidate profile
· BS in Computer Science or equivalent work experience required
· At least 2 years of system security, and/or application security experience
· At least 4 years' experience in project planning, resource management and project delivery
· At least 4 years of experience working in an operational role for a commercial/ retail organization
· Technical knowledge in security engineering, application and network security, authentication and security protocols, and cryptography.
· Knowledge of system security vulnerabilities and remediation techniques
· Strong written and oral communication skills, including the ability to communicate with both technical and non-technical audiences