Technical Program Manager - Circuit Team
- Westborough, MA
Amazon Information Security (InfoSec) is looking for a Technical Program Manager (TPM) to join The Circuit Program. Circuit takes inputs and findings from our Offensive Security and Security Incident Response Team to curate and provide single threaded ownership of mitigating the root causation for the most critical threats we are aware of. This team possesses cross-functional skill-sets, and may be referred to as a "Tiger Team" in other companies.
As a TPM in Circuit you will focus on Information Security programs with company-wide scope and executive visibility - your work will regularly influence executive decision making, priorities, sponsorship and funding. You will work with security teams and engineering leaders to identify, scope and quantify threats, design mitigation plans, define success criteria, develop implementation strategies, and deliver executive briefings (initial proposal and regular status updates). Once an initiative is green-lit you will own the delivery life-cycle until success criteria is met.
- Develop and maintain strong working relationships with technical and non-technical teams involved with information security and privacy.
- Scope, plan, implement and deliver security projects and programs, and collaborate with Program Managers and senior leaders to align with strategic vision and goals.
-Deliver executive briefings to Amazon CISO, VP's and S-Team Members
- Drive projects cross functionally, build trusted partnerships with other organizations, and work proactively with business teams to ensure security objectives are met.
- Define information security policies and practices based on the threat landscape facing Amazon.
- Establish metrics and regular reporting mechanisms.
- Evaluate solution designs and complex business and technical requirements, scope and communicate peripheral availability and customer experience risks that solution implementation presents.
- Conduct analysis of data to identify trends and patterns in our threat landscape
- Bring innovative ideas, finding ways to meet success criteria while limiting the amount of operational overhead placed on Developers and Service Owners.
• Bachelor's degree in Computer Science or related field (or comparable industry experience).
• 4+ years of technical program management experience.
• 5+ years of experience working in the field of information security and risk management.
• Demonstrated experience with at-scale projects and stakeholder management.
• Understanding of information security, privacy frameworks, and compliance requirements.
• Technical knowledge in multiple security domain areas such as engineering, applications, system and network security, authentication or security protocols.
• Security knowledge on current threats, trends and mitigations
• Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
• Demonstrated ability to work through ambiguity and deliver through influence.
• Solid foundation in software, systems, and/or network engineering principles
• Maturity, judgment, and proven ability to lead and influence others.
• Ability to communicate effectively with Engineers, Business and Executive leaders
• High sense of ownership, urgency, and drive.
• Able to work in a diverse team
• Master's degree in Computer Science or related technical field.
• Experience as an engineer in an Offensive Security, Penetration Testing or Incident Response team.
• Demonstrated experiencing influencing executive decision making.
• Experience with service-oriented architectures and web services security.
Back to top