As part of the Santos Supply Chain Security, Compliance, Privacy and Trust team, you will build the bridges between security technology operations and compliance by working directly with our Santos service teams, corporate security teams, third-party assessors and auditors, and internal stakeholders. You will join industry-leading security professionals and practitioners in supporting B2B customers to ensure that our systems are designed, operated, maintained and protected in accordance with leading industry standards, including ISO 27001, SOC 2 Types 1 & 2, etc.
Key job responsibilities
* Manage and scale a team of commercial compliance specialists to achieve, maintain and renew certifications.
* Dive deep into the controls environment to develop a technical understanding of control implementation and articulate compliance implications to internal and external audit functions.
* Set strategic direction, improve documentation, track progress, coordinate improvement efforts and monitor process improvement effectiveness.
* Operate a rhythm of the business for managing changes to the control environment and external industry standards requirements; in preparing compliance assessment reports, guide control owners in documenting their own control activities and confirm readiness of controls for audit.
* Develop broad domain and technical knowledge in AWS and Amazon corporate security solutions, including the operational processes and controls in place that support compliance programs.
* Monitor, evaluate and continuously improve the business by being a trusted advisor, facilitator and creative problem solver. Develop and share program/project process frameworks, tools and best practices that can be adopted throughout the organization.
* Drive remediation and continuous improvements to the security organization, the program management process and control implementation projects in coordination with the service teams. This includes resolution of audit findings and the execution of projects originating from internal assessments.
* Manage audit engagements and liaise with ISO/SOC 2/etc. auditors and Amazon service teams; articulate control implementation and impact and establish considerations for applying security, privacy and compliance concepts to a technical cloud environment.
* Apply a working knowledge of global information security and privacy regulation and policy to articulate customer and control impact and drive alignment to Amazon business-level controls.
* Effectively communicate compliance program results, including assessment status, workflow, remediation and reporting, to a broad audience including technical peers and senior/executive leaders across participating Amazon organizations.
About the team
Buy with Prime Supply Chain Security is looking for a highly motivated IT Compliance Program Manager to join our Security, Compliance, Privacy & Trust (SCPT) team to lead and scale a compliance team pursuing leading commercial audits and certifications (ISO 27001, SOC 2 series, etc.). You will join industry-leading security professionals to ensure that the business team complies with industry-leading, globally recognized security and privacy standards.
* Bachelor's degree in Accounting or Auditing, Information Systems Management, Computer Science, Business or other related fields.
* 7 years of experience in security or compliance consulting in support of a highly technical cloud services environment.
* 7 years of experience in performing and/or participating in technical audits/assessments in direct support of a major compliance effort (e.g. ISO 27001, SOC 2, NIST SP 800-53-based frameworks, etc.).
* Experience in compliance consulting or advisory work supporting ISO 27001 and the SOC 2 series.
* Experience communicating audit/assessment results and remediation plans with leadership, and prioritizing and remediating findings with service/system owners.
* Solid technical background with experience in cloud IT infrastructure and services/applications.
* A detailed understanding of evaluating the design and effectiveness of IT controls, and experience working with auditors/regulators for these types of assessments.
* Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), AWS Cloud Practitioner or equivalent certification.
* Certification or hands-on experience with ServiceNow Integrated Risk Management or an equivalent GRC tool.
* Experience engaging service/engineering teams who are building technology products or services, and experience defining technical requirements and seeing them through to development and release.
* Experience auditing applications built from AWS cloud services.
* Experience building certification roadmaps based on customer requirements and compliance documentation, and ensuring that committed assessments are delivered on schedule.
* Experience in IT program or project management and/or control framework development and implementation.
* Solid technical background with experience in cloud technologies and cloud deployment models (IaaS/PaaS/SaaS), and direct experience with AWS core services (EC2, S3, DDB, RDS, KMS, etc.).
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit
for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $118,100/year in our lowest geographic market up to $252,700/year in our highest geographic market. Pay is based on a number of factors, including market location, and may vary depending on job-related knowledge, skills and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial and/or other benefits. For more information please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.