Compliance Assessment Program Manager

2 months agoSeattle, WA


Are you interested in driving exceptional security for customers and have a passion for cutting-edge technologies? Do you see regulatory compliance as a business enabler? Amazon Web Services (AWS) is looking for a highly motivated Security Assurance Compliance Program Manager to join our Global Audits Team in AWS Security Assurance to drive security compliance for AWS services. You will join industry-leading security professionals to ensure that our services are in compliance with security and privacy requirements.

You should be a technically experienced and innovative security, compliance, and audit professional who has the ability to understand IT and privacy processes, communicate to customers, and to be able to drive innovative process changes through multiple organizations and teams.

Key Responsibilities:
• Dive deep into the AWS control environment to develop technical understanding of control implementation, and articulate compliance implications to internal and external audit functions.
• Set strategic direction, improve documentation, track progress, coordinate improvement efforts, and monitor process improvement effectiveness.
• Operate a rhythm of the business for managing changes to the control environment and external industry standards requirements; in preparing compliance assessment reports, guide control owners in documenting their own control activities and confirm readiness of controls for audit.
• Develop broad domain and technical knowledge in AWS security solutions including the operational processes and controls in place that support AWS compliance programs.
• Monitor, evaluate, and continuously improve the organization by being a trusted advisor, facilitator and creative problem solver. Develop and share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
• Drive continuous improvements to the security organization, the program management process and control implementation projects in coordination with the service teams. This includes resolution of audit findings and the execution of projects originated from internal assessments.
• Liaise with auditors, articulate control implementation and impact, and establish considerations for applying security, privacy and compliance concepts to a technical cloud environment.
• Apply a working knowledge of global information security and privacy regulation and policy to articulate customer and control impact and drive alignment to AWS controls.
• Effectively communicate compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.

Inclusive Team Culture
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon's culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Mentorship & Career Growth
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we're building an environment that celebrates knowledge sharing and mentorship.

Work/Life Balance
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren't focused on how many hours you spend at work or online. Instead, we're happy to offer a flexible schedule so you can have a more productive and well balanced lifeboth in and outside of work.


• Bachelor's Degree in Accounting or Auditing, Information Systems Management, Computer Science, Informatics, or other related fields.
• 5+ years of experience in security or compliance consulting or advisory work in in support of a highly technical environment.
• 5+ years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. SOC1, SOC 2, HITRUST, or ISO)
• Experience in working directly with auditors or as an auditor for compliance assessments.
• Solid technical background with experience in cloud technologies, cloud deployment models (IaaS/PaaS/SaaS), and familiarity with AWS core services (EC2, S3, DDB, RDS, KMS, etc.)
• A detailed understanding of evaluating the design and effectiveness of IT controls and experience working with auditors/regulators for these types of assessments.


• Experience in technical security design, compliance consulting, or advisory work in support of a highly technical environment.
• Experience with engaging teams who are building technology products or services and experience in working with engineering in defining technical requirements and seeing them through to development and release.
• Experience auditing cloud environments.
• Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.
• Experience in IT program or project management, IT auditing, and/or control framework development and implementation.
• Experience in performing technical assessments and audits of network, operating systems, application security, and auditing IT processes.
• Meets/exceeds Amazon's leadership principles requirements for this role.

• Meets/exceeds Amazon's functional/technical depth and complexity for this role.


Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, visit