Risk and Vulnerability Management Leader


Each day, hundreds of thousands of developers conduct billions of transactions worldwide on AWS services. They harness the power of Amazon Web Services (AWS) to enable innovative applications, websites, and businesses. AWS hosts an exceptionally wide range of services and enables global commerce and business. These complex services require a system thinking approach to reducing risks to our customers. An unchecked vulnerability can severely impact the security, safety, availability, privacy, and integrity of our products and services. The AWS Security team owns the responsibility to ensure our services and products are available and that the security, safety, availability, privacy, and integrity of our products and services remain active for our customers.

The AWS Risk and Vulnerability mitigation program defines the overall risk posture for AWS, collects, exposes, and manages the data; and helps set reasonable expectations for our senior leadership, to assist them in making proactive decisions about the risks we can and can not accept for our customers.

Managing the security risks associated with the hundreds of products and services requires a disciplined focus on new and innovative risk management practices. Complexity in AWS service offerings and interdependencies make understanding and reducing vulnerabilities an ideal system of system engineering challenge and one where risk must be evaluated in terms of security and business risk to our customers and their missions and data. Developing new risk approaches and solutions that articulate, and understand system of system risk and works to proactively reduce inter-dependencies and security challenges requires innovative thinking. Any weaknesses in code or in the services, once exposed can be exploited. Exploited weaknesses become vulnerabilities when they impact the security, safety, availability, privacy, and integrity of our products and services these create risks to our customers. However your customers expect us to innovate new business solutions and costly traditional risk avoidance practices are equally as disruptive. Managing risks in the cloud requires-going visibility, and attention. The AWS risk and vulnerability management program will define the overall risk posture of AWS, collect, expose, and manage the data; and help set reasonable expectations for our senior leadership, to assist them in making proactive decisions.

If you are passionate about risk-based systems engineering and security and you want to help Amazon lead the way in reducing the risks and vulnerabilities to our customers then come join our team.

Basic Qualifications

  • Bachelors in Risk Analysis, Risk Management or similar field of study.
  • 3+ years demonstrated and direct experience in developing and/or deploying risk management principles.
  • 1+ year experience with Deign Basis Threat or similar threat models.
  • 1+ year familiarity with risk calculation, complex multiparty engineering, and/or security assessments.
  • 1+ year experience in developing and/or using various risk assessment methodologies.

Preferred Qualifications

  • 3+ years, demonstrated experience working on complex, highly dependent IT projects from initial formulation through delivery of capabilities.
  • Demonstrated understanding and experience applying cutting edge leading practices as well as diverse customer specific policies, procedures, IT governance, IT acquisition and investment frameworks.
  • Experience with large-scale IT modernization project and deployment in cloud solutions - desirably AWS offerings.
  • Ability to synthesize work and articulate assumptions, conclusions, and recommendations in client-ready form, for different audience levels
  • Experience securing public cloud deployments (e.g. AWS, Azure, Softlayer, etc.)
  • Membership in a recognized professional risk society such as - Society for Risk Analysis, The Security Analysis or the Risk Management Association etc.
  • Strong listening, oral, and written skills

Strong, proven trust building and exceptional communication skills

Meet Some of Amazon's Employees

Mae M.

Senior UX Designer

Mae integrates human-centered design into tools that enable business partners to operate efficiently and intuitively. She analyzes customer needs and pain points to improve designs.

Heather Z.

Director of Alexa Engagement

Heather focuses on building great customer experiences for Alexa users. She heads a team of technical and creative professionals who bring the product to life.

Back to top