Technical Program Manager III, AWS Security Pentesting Team

The AWS Security Verification and Validation Team is looking for a Security Technical Program Manager to own the strategy and continuous improvement of implementing quality control mechanisms within the lifecycle of security testing of AWS services and systems.

This role will understand the complex roles and responsibilities at each stage of the security testing process, and a successful candidate will leverage their deep experience to define and drive strategic outcomes.

This role will understand the key metrics that need to be measured and build dashboards to monitor trends, and create process improvements that address root causes and deliver results.

AWS is growing at an incredible pace and conducts business around the world. This kind of growth is only possible because of the efforts supported by countless engineering teams who put the security of our customers first every day.

AWS prioritizes security and utilizes a robust security testing process to protect our services and customers. This role is the voice of quality assurance within the security testing lifecycle.

This role will be responsible for long-term strategy as well as the real-time operational needs to ensure that all areas of security testing and penetration test scopes are efficient and utilizing automation, exceptional in inputs and outputs, and continuously examined for improvements.

The AWS Security Verification and Validation Team is dedicated to ensuring services and systems that run on AWS have the highest level of security for our customers.

The AWS Security Verification and Validation Team focuses on verifying the security of services and systems before they are released into Production, as well as validating the security after the services and systems go live.

We do this by proactively, retroactively, and continuously looking for security vulnerabilities in features, systems, and networks.

This includes performing penetration testing and vulnerability assessments, running a Bug Bounty program and campaigns, providing reviews of services in production, and performing red team activities.

Key job responsibilities

A successful candidate is expected to be motivated to work in a data-driven environment, have a passion to drive process improvement to eliminate quality gaps, and proficiently analyze systematic issues and implement solutions to challenging problems.

They are expected to seek out and clearly communicate relevant data to support complex business decisions, and drive the right recommendations in a compelling and effective way.

They create plans that have objective, measurable success criteria and clearly communicate progress and outcomes. They anticipate the gaps between teams, processes, and system architectures to help their organization produce the best possible results for our customers.

This position is part of a team of security program managers who support a wide range of security activities and work closely with security engineers.

We develop and manage a range of interrelated programs and work together in a collaborative environment where communication across time zones is key, both within the team and to our partners outside our team.

The work we do is critical to the success of the security program at AWS, and the relationships we build are the foundation.

About the team

About Amazon Security

Diverse Experiences

Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply.

If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security?

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services.

We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture

In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness.

Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work / Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture.

When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

BASIC QUALIFICATIONS

• 5+ years of technical product or program management experience
• 5+ years of project management disciplines including scope, schedule, budget, quality, along with risk and critical path management experience
• 5+ years of experience establishing programs and processes that improve the efficiency and efficacy of lifecycles / pipelines

PREFERRED QUALIFICATIONS

• 5+ years of working directly with engineering teams experience
• Demonstrated understanding of
• Demonstrated understanding of Cloud Security Foundations, and Penetration Testing foundations
• 4+ years of experience in two or more of the following categories :
• Data analytics and Security metrics experience utilizing SQL, Tableau, QuickSight, and / or other
• Penetration testing or pentest management
• Security architecture and Program risk mitigation for enterprise services
7 days ago