Description

Amazon Web Services (AWS) is the leading cloud service provider, providing virtualised infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises to large government customers, run their operations and applications on AWS’ highly secure infrastructure.

AWS Security is looking for an Information Security Manager, who will be involved in overseeing the full security lifecycle for our security program. You will guide the security program through its development, support, operations phases and future expansions, providing advice and oversight as the program achieves it’s milestones. You are a strategic thinker, with a deep understanding of the regulatory landscape, solid understanding of cloud technologies, experience in security and compliance, and demonstrated success in driving innovative strategies to overcome complex policies and obstacles to cloud assurance and authorisation. You will work closely with our internal and external customer to identify security outcomes and maintain the security programs ongoing compliance to broadly recognised industry standards such as NIST, ISM, PSPF and ASIO T4. You will be responsible for all information security aspects of the program across the physical and logical security domains.

Key job responsibilities

• Manage a team of information security experts, providing leadership and direction to ensure the effective execution of all information security initiatives.

• Coordinate security-related engagements with both internal stakeholders and external customers, fostering collaborative relationships and ensuring alignment with security objectives.

• Identify security packages of work and plan for their delivery within agreed timeframes, overseeing the execution to achieve successful outcomes.

• Develop and implement a comprehensive strategy to drive security outcomes across our cloud capability.

• Implement ISM, PSPF, DSPF, ASIO T4, NIST and/or other security compliance frameworks into design and build baselines to achieve the agreed security posture.

• Create, optimise, and support cross-functional working groups and projects.

• Utilise your domain expertise to develop thought leadership material on cloud and emerging technologies, contributing to industry progression and organizational positioning.

• Manage tight deadlines and drive results with exceptional attention to detail, ensuring that all security initiatives are executed efficiently and effectively.

Hold or be able to attain an Australian Government Security Vetting Agency clearance (see https://www1.defence.gov.au/security/clearances).

A day in the life

You will lead a team of information security experts, and engage with a broad set of internal and external stakeholders to achieve successful outcomes. You will demonstrate exemplary judgment in making technical trade-offs between short versus long term security and business goals. You will possess resilience and be able to navigate difficult situations with composure and tact. Conflicts should be addressed by listening, finding the best way forward and persuading one’s colleagues. Successful candidate in this role will regularly analyse their own performance with a critical eye. A broad understanding of the AWS business and its interconnections is required. This position will also provide training, advice, and mentorship to other engineers throughout AWS.

About the team

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

The team is comprised of security professionals with a cross section of national security and private sector experience, providing a range of perspectives required for creative problem solving. We value diversity of thought, creativity, and a strong Bias for Action and Earn Trust. We believe that there are no "perfect" security solutions and we develop and iterate using a continuous improvement process.

Basic Qualifications

• 5+ years experience managing a security team in a large enterprise.

• 7+ years experience working in areas related to information security, such as cybersecurity, auditing, security architecture, regulatory affairs or public sector agencies involved in cybersecurity management.

• Experience working with cloud technologies.

• Proficient with government security frameworks, policies and standards (e.g. PSPF, ISM, DSPF. ASD Essential Eight).

Preferred Qualifications

• Degree or equivalent experience in (Computer Science, Engineering, Cyber Security, IT Security Management, Security Risk Management)a related security field.

• Deep expertise in information security domain with a good understanding of certification and accreditation of large platforms under the PSPF and ASIO T4 standard.

• Experience working with governance, risk and compliance programs that directly involve interaction with regulatory bodies.

Acknowledgement of country:

In the spirit of reconciliation Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.

IDE statement:

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer, and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, disability, age, or other legally protected attributes.