Security Manager, Vulnerability Management Operations

Description Amazon develops products and services that transform the way customers live. Across teams and geographies, we strive to delight customers and earn their trust. Members of the Stores Security team are guardians of that trust. From drones to grocery stores and everything in between, our mission is to assess risk, classify data and systems, detect potential intrusion, and respond quickly to security events across Amazon's critical business functions, including Retail, Customer Service, Worldwide Operations, Consumer Payments, Physical Stores, and Healthcare. Within Stores Security, the Vulnerability Management and Remediation Operations (VMR Operations) organization is responsible for all aspects of creating, managing, and remediating security issues across Amazon. Additionally, VMR Operations is responsible running Amazon's Vulnerability Management lifecycle including vulnerability intake, assessment, discovery, and remediation. The VMR Operations organization is looking for a Security Manager with deep technical expertise in security operations and program management to lead our Sydney-based team. In this role, you will be responsible for driving the day-to-day operations of your team across multiple vulnerability management functions, including vulnerability assessments and detection development. You will partner with your peers in Seattle, Austin, and London to continuously improve our operational mechanisms. Additionally, you will partner with builders and leaders across Amazon to ensure proper mitigation and remediation of security issues. You will leverage relationships with engineers across Stores Security, business teams, and leaders throughout Amazon prioritize deliverables, elevate roadblocks, and improve organizational processes. You will build trust with Principal Engineers and executive leaders by leveraging your technical expertise to understand technical challenges, design improved solutions, and hold a high program bar. Finally, you will use your information security expertise to champion and drive risk-based decisions across complex, multi-disciplinary programs to ensure Amazon properly manages security risk. Basic Qualifications 5+ years of managing and developing teams experience 5+ years of progressive work within a software security team or related operating environment experience Bachelor's degree in Computer Science, Information Security, or a related field Knowledge of security of web services, video content protection technologies, cryptography, network security protocols and operating system security Experience applying threat modeling or other risk identification techniques or equivalent Preferred Qualifications information security professional certification (SANS GIAC, CISSP etc.) Master's degree in Computer Science or a related field Knowledge of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques Experience managing remote team members Acknowledgement of country In the spirit of reconciliation Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today. IDE statement Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please contact your Recruiting Partner. #J-18808-Ljbffr