Technical Program Manager - Compliance Pentest
- Austin, TX
You have hundreds of thousands of hosts, hundreds of millions of lines of code, billions of online transactions, and one of the most visited sites on the Internet. Now go secure it. At Amazon, we obsess over our customers, and ensuring our customers' trust is our first priority. To earn that trust in an environment as vast and varied as Amazon's and an online world where threats grow ever more sophisticated requires building a world-class information security team to tackle never-before-seen challenges at dizzying scales. You will not just be using cutting-edge security technologies here in Amazon; you will be inventing them.
Amazon's Information Security team is seeking a Technical Program Manager with a security background to join the Offensive Security Team. This team is responsible for discovering vulnerabilities, identifying where Amazon is vulnerable to attack and working with teams throughout Amazon to drive the resolution of these findings. Covering a broad range of work, this role is primarily focused on driving penetration tests, both internal and/or with external vendors, where you'll be interfacing and communicating with leadership throughout the company.
In this role you'll be using your leadership and technical skills to orchestrate and execute on these engagements in order to maintain and raise Amazon's high security bar. You'll be backed up by a team of skilled security engineers focused on attacking Amazon from a variety of perspectives, all working with a singular focus of maintaining our customer's trust. You'll be exposed to the reality of how Amazon functions on a technical and process level, work with a variety of teams that comprise what is Amazon, and will build a comprehensive base of knowledge around how it all works together. In doing so, you'll be playing a role in helping keep it secure, bringing security findings to these teams and contributing to raising the security bar across the company.
• Minimum 5-years of information security, payments, audit, risk management or related client service or consulting experience.
• Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
• Technical knowledge and familiarity with all payment security standards.
• Experience in analyzing large data sets.
• Related security control and compliance experience in various
• Frameworks including: PCI DSS, PCI PA-DSS, PCI PTS, GLBA, ISO, NIST, CISSP, CISA, CISM and/or other comparable security controls or audit certifications preferred.
• Experience with service-oriented architectures and web services security.
• Excellent written and verbal communication skills.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Back to top