Security Risk Management Specialist, Leo Security

Security Risk Management Specialist, Leo Security

Job :  |  Services LLC

Project Leo is an Amazon initiative to increase global broadband access through a constellation of over 3,000 Low Earth Orbit (LEO) satellites. Its mission is to bring fast, affordable broadband to unserved and underserved communities worldwide. At Project Leo, we are obsessed with customer trust and are seeking an individual contributor who is creative and passionate about delivering Governance, Risk and Compliance solutions to meet Leo's regulatory and external assurance needs.

In this role, you will work collaboratively with various business and security teams across Amazon to identify compliance needs, assess the maturity of processes and controls, design, build, and execute high‑impact security or compliance programs, and liaise with external auditors to ensure successful audit executions.

This role is open for Redmond, WA location.

Export Control Requirement: Due to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.

• Play a key role in Leo Security and work closely with the Leo business and product community, setting direction for security of key assets, data, and business processes; serving as a subject matter expert resource for security engineers, security champions, and business leaders inside and outside of our organization
• Proactively assess, identify and develop recommendations regarding data protection, insider threat, data sharing, identity and access management, and third‑party risk issues and vulnerabilities by working with multiple stakeholder teams, including Privacy, Legal, HR, IT, etc.
• Lead and execute internal security and data usage assessments, investigations and security audits, while also supporting enterprise‑wide information security and cyber risk assessments with technical and non‑technical teams.
• Contribute to the development of business risk, insider threat, and third‑party risk management strategic control requirements and roadmaps.
• Contribute to new and provide feedback on existing security standards and control requirements, GRC policy exceptions and risk issue management process.
• Develop and maintain relevant security risk metrics to promote transparency across the organization; measure, monitor and report on information security risks to management.
• Provide guidance on risk, compliance, and policy to technical and non‑technical internal customers, including security training and outreach to internal teams and external supply chain partners.
• Apply your security and business knowledge to drive secure and pragmatic improvements broadly to Kuiper people, process, and assets, while making technical trade‑offs between short versus long term security and business goals.
• Strong organizational and communication skills, with a demonstrated ability to work in a multi‑tasking dynamic environment while maintaining a high level of ownership and accountability.

• Experience triaging security risks or vulnerabilities and ensuring that they are properly understood by the business and fixed or mitigated.
• 3+ years of work in identifying security issues and risks, and developing mitigation plans.

• Experience with GRC technology (SAP GRC Access Controls, Process Controls and Risk Management), SAP Identity Management to support Identity and Access Management (Single Sign‑On, User life cycle management).

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Base salary range:  –  USD annually (USA, WA, Redmond).

Amazon also offers comprehensive benefits including health insurance, 401(k) matching, paid time off, and parental leave.