Red Team Technical Program Manager, AWS

2 months agoArlington, VA


The AWS Red Team is looking for a Senior Security Technical Program Manager to own security strategy and continuous engagement with AWS service teams. This role will understand the complex roles and responsibilities of everyone involved in operating AWS services, and leverage their deep experience to define and drive strategic security outcomes with business leaders at the highest levels.

AWS is growing at an incredible pace (+29% annually as of Q3 2020), and conducts business around the world. This kind of growth is only possible because of the efforts supported by countless engineering teams who put the security of our customers first every day. This role is the voice of security for the AWS Red Team. You will be responsible for long-term strategy as well as the real-time operational needs that ensure urgent tactical issues are resolved and that teams are taking steps to head off customer impacting risks and issues.

The AWS Red Team organization exists to improve the defensive capability of AWS and ensures that our systems and processes are secured against the latest threats. The AWS Red Team is responsible for conducting offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams add offensive insight to their development, deployment, monitoring, and response processes. If you are a strong communicator with deep security experience, we look forward to talking to you! To be successful you must be comfortable individually driving cross-team efforts, and defining well-considered objectives and metrics to guide decision-making and affect change. You will provide crystal-clear vision and direction for diverse engineering and business leaders, and connect experts from all disciplines and locations to develop solutions that would otherwise not be feasible. You will develop and manage programs and processes that enable security testing to be done at scale for AWS.

A Senior Security Technical Program Manager is expected to understand the systems in their program space, the limitations, scaling factors, boundary conditions, and reasons behind architectural decisions. They are expected to seek out and clearly communicate relevant data to support complex business decisions, and drive the right recommendations in a compelling and effective way. They create plans that have objective, measurable success criteria and clearly communicate progress and outcomes. They anticipate the gaps between teams, processes, and system architectures to help their organization produce the best possible results for our customers.

• Own your program. Build relationships to understand and guide the roadmap of all teams you support
• Gather knowledge, define projects, and coordinate execution across multiple global partner teams
• Identify and produce appropriate business metrics, and continually assess them to improve over time
• Apply security expertise in technical discussions, keeping all stakeholders productively engaged
• Directly represent our organization to business leaders and technical staff at all levels of the company
• Prepare and present detailed, written technical information for internal and external audiences
• Demonstrate exceptional judgment, integrity, business acumen, and communication skills
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren't focused on how many hours you spend at work or online. Instead, we're happy to offer a flexible schedule so you can have a more productive and well-balanced lifeboth in and outside of work.

Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we're building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.

Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon's culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.


• Minimum of 6 years of experience in Technical Program Management, driving engineering projects from concept to delivery.
• At least 4 years of experience in two or more of the following technical categories:
-- Red Team operations
-- Penetration testing or pentest management
-- Bug bounty program management
-- Security architecture and risk mitigation for enterprise networks or services
-- Data analytics (business intelligence, security metrics, data pipeline, scale, and performance)
-- Product/Service definition (requirements and use cases for internal/external customer solutions)
-- SDLC (end-to-end security management of a software lifecycle)
• Bachelors' degree in Computer Science or similar field or equivalent work experience.


• Experience managing external relationships
• Experience communicating technical concepts to a non-technical audience.
• Demonstrated ability to prepare technical specifications and executive-ready communications
• Prior working experience in a Software Development Team.
• Experience interpreting and communicating analytics.
• A strong bias for action with proven ability to handle a high volume of high-stress, time-sensitive tasks by prioritizing multiple projects regardless of constant changes in a dynamic environment
• Experience working successfully in a very fast-paced, results-oriented environment, and demonstrated possession of the self-drive needed to keep things moving forward even in the face of ambiguity and imperfect knowledge (avoid "analysis paralysis")
• Outstanding attention to detail and demonstrated ability to manage multiple, competing priorities simultaneously
• Exceptional written and verbal communication skills
• An understanding of security, web services, multi-tiered systems, workflow modeling, and enterprise application integration
• Familiarity with SQL, Python, and/or Tableau
• Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)
• Strong sense of ownership, urgency, and drive
• Sharp analytical abilities and proven design skills
• Security architecture experience within a professional services firm or similar environment
• Meets/exceeds Amazon's leadership principles requirements for this role
• Meets/exceeds Amazon's functional/technical depth and complexity for this role

Amazon is committed to a diverse and inclusive workforce. Amazon is an equal opportunity employer and does not discriminate on the basis of race, ethnicity, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit

If you have additional questions, please contact Pedro Garcia at