Back to all Cybersecurity jobs
Industry not specified
Security Assurance Specialist, AWS Security Assurance
at Amazon
Tech LeadNo visa sponsorshipCybersecurity
Posted 17 hours ago
No clicks
- Compensation
- Not specified
- City
- Not specified
- Country
- Japan
Currency: Not specified
Join AWS Security Assurance to validate and demonstrate the security controls of AWS services, guiding audit, compliance, and risk management programs for customers across APAC, with a focus on Japan. You will dive deep into the Amazon control environment to articulate regulatory implications of control activities and develop strategic direction for security audit and assurance in the Japan market. You will liaise with strategic customers, regulators, and auditors to communicate control implementations and apply security and compliance concepts to a cloud environment, while driving continuous improvements to the security program and cross-functional collaboration. You will apply global information security regulations and policy to align AWS with customer and regulatory expectations and drive program alignment.
At Amazon Web Services (AWS), Security is our highest priority. The AWS Security Assurance team is responsible for demonstrating the security controls of services offered by AWS. At our scale, we invent new ways to provide the highest level of assurance to our most security conscious customers.
Our team works closely with customers across industries and their auditors and regulatory agencies to understand the security shift from on-premise to the cloud, security of the cloud and customer capabilities in the cloud. Our specialists ensure that AWS can meet customers audit, assurance and regulatory expectations. We are looking for Security Assurance Specialist with expertise in technology audit, compliance and enterprise risk management programs in Japan and across APAC. This role requires working with the key members of the team to develop strategic direction for security audit and assurance activities.
Key job responsibilities
• Dive deep into the Amazon control environment to develop broad domain and technical understanding of our security activities and control implementations to articulate compliance implications to both customers and internal/external audit functions.
• Develop understanding of regulated industry compliance requirements and communicate how our control activities meet global regulatory obligations.
• Develop strategic direction for security audit and assurance activities in Japan market.
• Liaise with strategic customers, regulators and auditors, articulate control implementation, and describe considerations for applying security and compliance concepts to a cloud environment.
• Monitor, evaluate, and continuously improve the organization by being a trusted adviser, facilitator, and creative problem solver. Implement continuous improvements to the security organization and the program management process. Share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
• Apply a sound knowledge of global information security regulations and policy to articulate customer and regulatory impact and drive alignment to AWS environment.
- Degree in Computer Science, IT, Engineering, related technical field or equivalent combination of education and relevant work experience.
- Minimum of 7 years’ experience in IT audit, IT compliance, and IT risk management.
- Experience and understanding of global and Japan specific IT risk and control frameworks such as PCI-DSS, SOC 1/2/3, NIST CSF, ISO 27001, FISC, FedRAMP, ITILFISC guideline etc.
- This role requires business level Japanese and English communication skills.
- Experience in technical security design, cloud services/deployment architecture (ideally Amazon cloud services offering), compliance consulting, or advisory work in a highly technical environment.
- Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.
- A detailed understanding of evaluating the design and effectiveness of IT controls and experience working with auditors/regulators for these types of assessments
- Experience in highly regulated industries (e.g. public sector, financial services, healthcare, energy, telecommunications).
- Deep understanding of regulatory guidance, JFSA guidance and other applicable standards and requirements.
- Experience in Regulator Communication or communication with companies in highly regulated industries.
- A record of delivering of IT process improvement projects with technology processes and/or major tech companies along with generating automated metrics to measure effectiveness and consistency.
- Experience building cross-functional partnerships and influencing stakeholders across the organization.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
Our team works closely with customers across industries and their auditors and regulatory agencies to understand the security shift from on-premise to the cloud, security of the cloud and customer capabilities in the cloud. Our specialists ensure that AWS can meet customers audit, assurance and regulatory expectations. We are looking for Security Assurance Specialist with expertise in technology audit, compliance and enterprise risk management programs in Japan and across APAC. This role requires working with the key members of the team to develop strategic direction for security audit and assurance activities.
Key job responsibilities
• Dive deep into the Amazon control environment to develop broad domain and technical understanding of our security activities and control implementations to articulate compliance implications to both customers and internal/external audit functions.
• Develop understanding of regulated industry compliance requirements and communicate how our control activities meet global regulatory obligations.
• Develop strategic direction for security audit and assurance activities in Japan market.
• Liaise with strategic customers, regulators and auditors, articulate control implementation, and describe considerations for applying security and compliance concepts to a cloud environment.
• Monitor, evaluate, and continuously improve the organization by being a trusted adviser, facilitator, and creative problem solver. Implement continuous improvements to the security organization and the program management process. Share program/project process frameworks, tools, and best practices that can be adopted throughout the organization.
• Apply a sound knowledge of global information security regulations and policy to articulate customer and regulatory impact and drive alignment to AWS environment.
Basic Qualifications
- Experience with technology risk, IT security audit, compliance and/or relevant regulatory knowledge- Degree in Computer Science, IT, Engineering, related technical field or equivalent combination of education and relevant work experience.
- Minimum of 7 years’ experience in IT audit, IT compliance, and IT risk management.
- Experience and understanding of global and Japan specific IT risk and control frameworks such as PCI-DSS, SOC 1/2/3, NIST CSF, ISO 27001, FISC, FedRAMP, ITILFISC guideline etc.
- This role requires business level Japanese and English communication skills.
Preferred Qualifications
- One or more industry-recognized security, cloud, or audit professional certifications (e.g., CISSP, CCSP, Amazon Cloud Security Practitioner)- Experience in technical security design, cloud services/deployment architecture (ideally Amazon cloud services offering), compliance consulting, or advisory work in a highly technical environment.
- Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.
- A detailed understanding of evaluating the design and effectiveness of IT controls and experience working with auditors/regulators for these types of assessments
- Experience in highly regulated industries (e.g. public sector, financial services, healthcare, energy, telecommunications).
- Deep understanding of regulatory guidance, JFSA guidance and other applicable standards and requirements.
- Experience in Regulator Communication or communication with companies in highly regulated industries.
- A record of delivering of IT process improvement projects with technology processes and/or major tech companies along with generating automated metrics to measure effectiveness and consistency.
- Experience building cross-functional partnerships and influencing stakeholders across the organization.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
