AWS Security Manager, AWS Proactive Security

AWS Security Manager, AWS Proactive Security

06 Sep 2024
District of Columbia, Washington, 20001 Washington USA

AWS Security Manager, AWS Proactive Security

DescriptionAWS’s Bug Bounty team is growing and is seeking a manager to join the team. This individual will be working with customers and teams to secure AWS’s public facing services, applications, and websites. In this role, you will be responsible for leading a team of highly skilled individuals to solicit the identification of vulnerabilities from Customers and security researchers. You will then be responsible for ensuring vulnerabilities are remediated with urgency by partnering with service teams, ensuring what is learned through disclosure and mitigation improves the security of AWS’s software development life-cycle. This role will provide you with challenging leadership and technical opportunities and the chance to grow AWS’s Bug Bounty Program into the best on planet Earth.You will be in direct contact with teams in a variety of business verticals, giving you first hand knowledge about how AWS is built and how it operates at a deep, technical level. Additionally, you will leverage the knowledge you gain about AWS to find new ways to drive improvements to Customer relationships, services, processes, and technologies throughout the company, with the ultimate goal of ensuring the continued safety and security of our Customers.You will use your leadership and technical skills to continually lead the direction and evolution of the bug bounty program and collaboration with Customers and security researchers in order to maintain and raise AWS’s high security bar. You’ll be backed up by a team of highly-skilled security engineers all working with a singular focus of maintaining Customer trust. You must demonstrate resilience and navigate ambiguous situations with composure and tact. Above all else, a strong sense of Customer Obsession is necessary to focus on the ultimate goal of keeping AWS and its Customers secure with the highest priority.Key job responsibilities

Lead, manage, and develop a high performing technical team across multiple locations

Serve as an escalation point and subject matter expert in incident response, engineering operations, and team triage activities as part of day to day operations.

Lead the strategic direction and evolution of the team, including setting goals and establishing priorities

Drive strategic initiatives by influencing leadership, key stakeholders, and partnering with teams throughout AWS

Lead effective teamwork, communication, collaboration and commitment across multiple disparate groups with competing priorities

Lead improvements to AWS's programs and processes

Write and deliver high-quality documents for technical and non-technical audiences

Manage relationships with Customers and security researchers

About the teamAbout Amazon SecurityDiverse ExperiencesAmazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Why Amazon Security?At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.Inclusive Team CultureIn Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.Training & Career GrowthWe’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life BalanceWe value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.Basic Qualifications

5+ years experience in a technical security leadership role

5+ years of experience in Information Security related domains, with knowledge of security fundamentals, common application vulnerabilities, application attack vectors, methodologies, and tools

3+ years of experience driving Information Security initiatives across large diverse organizations

3+ years of experience communicating with a wide range of technical & non-technical partners and senior leadership

Preferred Qualifications

Ability to take ownership, self-motivate, and deliver results in highly ambiguous environments

Experience with driving remediation/mitigation of security issues and control gaps

Experience gathering and reporting metrics to measure service and program effectiveness and consistency

Technical knowledge of adversary Tactics, Techniques, and Procedures (TTPs)

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $157,600/year in our lowest geographic market up to $272,400/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.

Related jobs

  • Our Mission

  • Job Number 24177707

  • Located in a historic neighborhood in the nation\'s capital, Georgetown offers rigorous academic programs, a global perspective, exciting ways to take advantage of Washington, D.C., and a commitment to social justice. Our community is a tight knit group of remarkable individuals interested in intellectual inquiry and making a difference in the world.

  • Located in a historic neighborhood in the nation\'s capital, Georgetown offers rigorous academic programs, a global perspective, exciting ways to take advantage of Washington, D.C., and a commitment to social justice. Our community is a tight knit group of remarkable individuals interested in intellectual inquiry and making a difference in the world.

  • Summary This position is located in the IT Security Operations and Monitoring Division within the Office of Technology, Services, and Innovation (TSI). The selectee reports to the Division Director and provides technical expertise to protect the availability, integrity, and confidentiality of agency information that is stored or processed on computing systems managed by TSI on behalf of the agency. Position is Local Remote Work Eligible. Please see Additional Information for more details. Responsibilities As an IT Cybersecurity Specialist (Information Security), you will be responsible for duties to include, but are not limited to: Serves as senior member of core Computer Incident Response Team (CIRT) to address security incidents, investigations, and resolution. Serves as a member of the IT Security Operations Center (SOC) to lead or assist in \"search and destroy\" tasks, event and alert configuration and monitoring, and reporting on operations and findings. Installs, maintains, and administrates security tools in an enterprise with cloud-based and on-premises systems. Conducts and supports investigations. Analyzes events and alerts from agency systems and networks to identify suspicious activity for potential incidents. This may include investigating activities that indicate data loss, data mishandling, account compromise, etc. This could concern PII, criminal or policy violations, phishing, etc. Investigation may involve the analysis of system logs, security tools, file stores, email or other messaging, etc. Ensure the safety of information systems assets and to protect systems and data from intentional or inadvertent access or destruction, while preserving, and where possible, enhancing information system usability. Participates in strategic planning to ensure that USAGM\'s enterprise networks have the appropriate tools and employs the correct techniques to thwart an increasing cyber-crime and cyber espionage threat. Supports the development and deployment of the agency\'s IT Security Awareness Training Program. This may come in the form of reviewing curriculum, making suggestions based on predictions and observed trends, and supporting digital security training/briefs for travelers going to high threat locations. May also include participating in briefing staff onboarding into the agency. May serve as Contracting Officer\'s Representative; required to obtain and maintain COR level 1 to manage and oversee contracts. Evaluates contractor performed services on behalf of USAGM, verifies materials delivered, and approves contractor invoices for payment. Assists with engagement of other agencies such as partial details to joint task forces relevant to USAGM and IT security operations while bringing information back to IT Security Operations on latest trends and threats. Requirements Conditions of Employment Qualifications Applicants applying for the GS-14 grade level must meet the following requirements: Have IT-related experience demonstrating EACH of the four competencies AND one year of specialized experience equivalent to the GS-13 level in the Federal service as described below. COMPETENCY REQUIREMENTS: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. This skill may be demonstrated by assignments actively finding and addressing cybersecurity threats. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. This skill is generally demonstrated by assignments where the applicant is the point of contact for resolving customer IT issues and ensuring their satisfaction. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. This skill is generally demonstrated by assignments where the applicant serves on panels, committees, or task forces as a representative for the organization on technical or professional issues Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. This skill is generally demonstrated by assignments where the applicant troubleshoots complex IT issues and finds effective solutions. SPECIALIZED EXPERIENCE REQUIREMENTS Applicants must have a minimum of one year of specialized experience at a level of difficulty and responsibility comparable to the GS-13 or comparable pay band in the Federal service or equivalent experience in the private sector. Specialized Experience is experience that has equipped the applicant with the knowledge, skills and abilities to successfully perform the duties of the position and includes all of the following: Detecting, analyzing, and responding to IT security threats; Integrating new tools, tactics, and technologies into incident detection and response workflows; and Developing IT security procedures and recommendations to respond to IT security incidents. NOTE: Applicants must ensure their resumes reflect their experience with all of the above specialized experience criteria. Education Education is not required for this grade level. It cannot be used for qualification purposes. Additional Information Local Remote Work Possible: The selectee of this position can request a remote work agreement for a home duty station within the Washington-Baltimore-Arlington, DC-MD-VA-WV-PA pay locality area. This position does have occasional, irregular on-site responsibilities that require reporting to Washington, D.C. so home duty stations outside the Washington DC local commuting area will not be considered through this announcement. USAGM is committed to fostering a diverse and inclusive work environment. To build and retain a workforce that reflects the diverse experiences and perspectives of the American people, we welcome applicants from the many communities, identities, races, ethnicities, backgrounds, abilities, religions, and cultures of the United States who share our commitment to public service. Applicants must meet all qualification requirements by closing date of the announcement to be considered. 1. If you are a male applicant who was born after 12/31/59 and are required to register under the Military Selective Service Act, the Defense Authorization Act of 1986 requires that you be registered or you are not eligible for appointment in this agency. For Military Selective Service Act requirement information, please visit Selective Service 2. Your application to this vacancy announcement will only allow consideration for this announcement. We cannot electronically or manually move your application to corresponding announcements, if applicable. 3. Additional vacancies not reflected in the announcement that occur after the opening date of the vacancy announcement for position(s) identical (same grade, series and title) to the original vacancy may be filled from the selection certificate during the validity of the certificate. 4. Budgetary conditions may delay or otherwise affect filling this vacancy. However, all interested candidates should apply now.

  • Sr. Industrial Security Analyst at SpaceX

  • Cyber Security Specialist 3 - DMV

Job Details

Jocancy Online Job Portal by jobSearchi.