Sr. Industry Specialist, Regulations Tech & Assurance

The Sr. Industry Specialist will be focused on driving and implementing Amazon control framework providing the foundation for all Amazon security teams to point to a single source of truth to meet security compliance obligations.

This role will help establish automation requirements for control monitoring as well as support onboarding of new customers to the Amazon control framework.

Key job responsibilities
- Contribute to the continuous evolution of the Amazon Control Framework including developing and maintaining the control library create control lifecycle processes ensure appropriate mappings to industry standards amazon policies and standards
- Work with control owners compliance GRC product teams to strategize on automation strategy for evidence collection and continuous control monitoring
- Identify compliance shift-left security controls and partner with engineering to embed automated guardrails directly into the SDLC and CI/CD pipelines
- Develop functional and technical requirements for automated control monitoring
- Proactively look for areas of improvement and provide value added advice and insight on process and controls improvements policy and standards changes and drive continuous advancement of compliance automation capabilities
- Develop and maintain a framework that enables various Amazon business units/teams to meet business objectives and legal/regulatory requirements using a central framework.
- Develop measurements and metrics of the program to report up to executive management

About the team
Joining the Regulations Tech & Assurance team provides the unique challenge and opportunity to solve security issues across a diverse set of global businesses. The ideal candidate will draw upon exemplary project management capabilities critical thinking problem-solving skills and a passion for creating reliable maintainable and secure solutions. The candidate should be open to new challenges proficient at multi-tasking innovative self-directed and a great team player. Candidates should drive continuous process improvement and collaborate effectively with cross-functional business and security teams to solve problems and implement solutions.

About Amazon Security

Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description we encourage candidates to apply. If your career is just starting hasnt followed a traditional path or includes alternative experiences dont let it stop you from applying.

Why Amazon Security
At Amazon security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazons products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud devices retail entertainment healthcare operations and physical stores.

Inclusive Team Culture
In Amazon Security its in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas perspectives and voices.

Training & Career Growth
Were continuously raising our performance bar as we strive to become Earths Best Employer. Thats why youll find endless knowledge-sharing training and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home theres nothing we cant achieve.



- Bachelors degree or equivalent in Information Security Computer Science Risk Management Engineering Math Statistics or a related discipline or equivalent technology experience
- 8 years of relevant industry experience including assurance and technology compliance.
- Skilled in risk management Information security controls and making complex business/risk trade-off recommendations and decisions.
- Technical knowledge and familiarity with information security standards such as NIST CSF ISO 27k SOC 2 NIST 800-171 PCI etc.
- Experience with GRC tools (Ex. ServiceNow)

- Related security control and compliance experience in various frameworks including: HIPAA HITRUST PCI DSS GLBA ISO NIST etc.
- CISSP CISA CISM CIPP CEH and/or other comparable security controls or audit certifications preferred.
- Experience with service-oriented architectures and web services security.

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status disability or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process including support for the interview or onboarding process please visit for more information. If the country/region youre applying in isnt listed please contact your Recruiting Partner.

The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience qualifications and location. Amazon also offers comprehensive benefits including health insurance (medical dental vision prescription Basic Life & AD&D insurance and option for Supplemental life plans EAP Mental Health Support Medical Advice Line Flexible Spending Accounts Adoption and Surrogacy Reimbursement coverage) 401(k) matching paid time off and parental leave. Learn more about our benefits at TX Austin - 119300.00 - 208900.00 USD annually
USA WA Seattle - 119300.00 - 208900.00 USD annually