Senior Security Technical Program Manager
- Arlington, VA
Since early 2006, Amazon Web Services (AWS) has provided companies of all sizes with an infrastructure web services platform in the cloud. With AWS you can requisition compute power, storage, and other services thereby gaining access to a suite of elastic IT infrastructure services as your business demands them. AWS customers can take advantage of Amazon.com's global computing infrastructure which is the backbone of Amazon.com's multi-billion dollar retail business. AWS provides scalable, reliable, and secure distributed computing infrastructure that has been honed for over a decade. For more information on Amazon Web Services please visit: http://aws.amazon.com/
The AWS IT Security team is responsible for the security and availability of all cloud and mobile products and services offered by AWS. This includes cloud services such as EC2 and S3 as well as consumer offerings like Amazon Appstore and Cloud Drive. Our team works with development teams to design and build secure solutions, participate in and coordinate penetration testing activities, and generally solve security challenges at massive scale.
AWS Security is looking for a Technical Program Manager (TPM) to help ensure that our hardware, firmware and virtualization software are designed and implemented to the highest security standards. You will be responsible for designing, planning and executing a scalable process to bake in durable security controls in AWS hardware and low-level software. This process will enable security engineers in AWS Security to rigorously and efficiently analyze the security of applications and services, discover and address security issues and quickly react to new threat scenarios. This position will provide you with a challenging opportunity.
You will work with cutting edge technology and be a part of the AWS Secure Hardware and Foundational Technologies team. You should have strong problem-solving skills, excellent communication skills, an understanding of modern Internet threats, the ability to influence people from customers to managers by creating a win-win solutions, and the desire to be an individual contributor to securing Amazon's next generation technology. Joining the Amazon Web Services Secure Hardware and Foundational Technologies team provides the unique challenge and opportunity to build and review systems at the cutting edge of the cloud to identify threats against AWS and our customers. You will draw upon product development knowledge, secure development practices, project management, critical thinking, problem solving skills, and a passion for securing interconnected systems. You should be open to new challenges, extremely good at multi-tasking, innovative, creative, self-directed and a great team player. You will drive continuous process improvement, and collaborate effectively with aggressive cross-functional business and software development teams to solve problems and implement new solutions. You will interact with a broad cross section of the Amazon organization spanning a wide range of technologies and engaging with external vendors and internal teams. In Amazon Web Services, Technical Program Managers juggle multiple projects with tight timeframes and deadlines.
You must be able to:
Work with multiple engineering teams to manage the execution of Product Security Reviews.
Collaborate with security engineers to define and document secure development practices and requirements to enable secure product development
Define information security controls and patterns that support risk assessments and support the development of secure architectures. This will involve understanding service interdependencies and driving towards secure technical solutions for multi-tiered systems.
Collaborate with engineering teams to deliver product roadmaps, by providing security requirements that help to map security controls / patterns to product features.
Address bottlenecks, provide escalation management, anticipate and make tradeoffs and balance the business needs versus technical constraints.
Partner with multiple teams across multiple locations with varying sets of priorities to ensure a timely delivery of the secure solution.
Clarify and drive project commitments as well as establish and maintain clear chains of accountability.
Lead internal process improvement projects, including the development and implementation of internal tools.
Security training and outreach to internal development teams
Collaborate with security experts to develop robust security guidance documentation
Identify opportunities for development of security assurance tools and manage development efforts
Security metrics delivery and improvements
* Assistance with recruiting activities and administrative work
Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren't focused on how many hours you spend at work or online. Instead, we're happy to offer a flexible schedule so you can have a more productive and well-balanced lifeboth in and outside of work.
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we're building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon's culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.
• Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience
• Minimum of 5 years of professional experience in managing technical programs or projects including architecture, design, or implementation
• Minimum of 1 year managing a project or program in a secure development life-cycle (SDLC)
• Ability to communicate deep technical issues in terms of business risk with non-experts and senior leaders
• Ability to lead through influence within a secure development life-cycle for multiple products and technologies, meeting customer expectations for security
• Experience implementing security solutions that resolve security and business risk trade-offs
• Exceeds expectations for Amazon's functional and technical depth and complexity for this role
• Prior working experience in a hardware product development organization
• An understanding of System-on-Chips, Server hardware, Embedded devices and/or virtualization software
• Experience working with stakeholders across many functions
• Experience interpreting and communicating analytics
• Understanding of exploit protection and other advanced attacks containment is desirable
• Ability to develop SQL queries and basic scripting
• Meets/exceeds Amazon's leadership principles requirements for this role
• Meets/exceeds Amazon's functional/technical depth and complexity for this role
Amazon is committed to a diverse and inclusive workforce. Amazon is an equal opportunity employer and does not discriminate on the basis of race, ethnicity, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
For additional information, please contact Pedro Garcia at email@example.com
Back to top