What are the responsibilities and job description for the Senior IT Risk Manager, North America Risk & Compliance position at Amazon?
DESCRIPTION
We are seeking an experienced Senior IT Risk Manager to drive the maturation of our Second-Line-of-Defense IT risk management and data privacy programs across Amazon's North American payments operations. This key leadership position reports directly to the Head of North America Risk & Compliance and serves as a critical Second-Line-of-Defense partner to senior leadership.
As a senior member of the North America Risk & Compliance leadership team, you will spearhead the development and implementation of an integrated Second-Line-of-Defense IT risk management and data privacy framework, ensuring robust protection of our payments’ technology infrastructure and customer data while enabling business growth.
Key job responsibilities
• Lead the design and implementation of a comprehensive IT risk management and data privacy framework, including risk assessment and control effectiveness methodologies, that align with regulatory requirements and Amazon’s high standards.
• Effectively partner with senior business partners, providing thought leadership on IT risk management and controls while supporting strategic business objectives.
• Provide strategic direction on risk management matters to senior leadership, including implementation of detailed, data driven narratives to inform leadership of risks related to a variety of IT Risk and Cybersecurity topics.
• Apply expert risk-based guidance on adherence to Information Technology and Cybersecurity risk-related regulations such as NYDFS Part 500 and GLBA, and other applicable regulations.
• Provide credible challenge across all information, technology, and cybersecurity risks enabling business growth while ensuring that risks remain within risk appetite.
• Provide subject matter expertise in terms of best practices, IT regulatory requirements, IT resiliency plans and risk mitigation.
• Perform deep dives on technology compliance-related processes and systems.
• Identify system limitations that could lead to regulatory risks relative to new and existing products and services, and provide guidance for resolution and risk mitigation.
• Maintain strong relationships with key technology teams to gain a deep understanding of Amazon’s payments IT architecture.
• Provide advice to stakeholders regarding the remediation of internal and external IT audit findings and implementation of recommended actions.
BASIC QUALIFICATIONS
• 12-15 years of progressive experience in information security, cybersecurity, risk management, and/or data privacy risk.
• Strong understanding of the 3-Lines-of-Defense model and compliance frameworks.
• Experienced specialist in information technology risk management, including cybersecurity principles, cloud strategies, payment technologies (preferable) and IT operational processes.
• Strong understanding of IT risk frameworks (e.g., NIST, SOC 2, ISO 2700X, SOX).
• Experience within regulatory environments, financial services technology, or payments systems.
• Skilled in risk management and making complex business/risk trade-off recommendations and decisions.
• Background in security compliance, IT risk management and technical frameworks.
• Experience in analyzing large data sets.
• Understanding of system development life-cycles.
• Bachelor’s degree in Management Information Systems, Computer Science, or related field, or relevant industry experience.
PREFERRED QUALIFICATIONS
- Professional certification required (e.g., CISSP, CISA, CISA, CRMP)
- Track record of building integrated risk and control frameworks
- Strong stakeholder management skills at executive level
- Technology industry experience
- Change management expertise
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
