Manager, Security Engineering, Secure Third Party Tools

Description

We're looking for an experienced Security Engineering Manager to join our Secure Third Party Tools team. Our team builds the standards, controls, and expert review processes that ensure external vendors, software providers, and services meet Amazon's security bar before they interact with our data or systems.

In this role, you'll manage a team of Security Engineers who define and maintain the security controls that 3P are assessed against, conduct expert security reviews for complex engagements, and provide continuous feedback that improves the accuracy of our assessment automation. You'll be responsible for both the technical quality of your team's output and the professional growth of your team.

This is a role where security expertise meets people leadership. You'll set direction for your team while partnering closely with Product, Software Engineering and Applied Science, to ensure that security standards are effectively translated into scalable, automated tooling. Your team's work directly determines whether Amazon can move fast with 3P while maintaining the highest security standards.

Key job responsibilities

- Lead a team of Security Engineers who define and enforce Amazon's third-party security controls.

- Set the security vision and strategy for your team's domain-defining which security controls to prioritize, how to evolve them against emerging threats, and how to integrate them into automated assessment systems.

- Partner with Product and Engineering to translate security requirements into tool capabilities, providing subject-matter expertise that shapes product roadmaps and feature priorities.

- Drive the feedback loop between manual expert reviews and automated assessment outputs, continuously improving precision and reducing the need for human intervention.

- Conduct threat modeling, security architecture reviews, and risk assessments for complex or novel third-party integrations.

- Develop and maintain security guidance, runbooks, and documentation for internal teams and third-party vendors.

- Author documents for leadership reviews, communicating security risks, resource needs, and strategic priorities clearly and concisely.

- Build mechanisms for operational excellence-tracking team capacity, review throughput, quality metrics, and backlog health.

About the team

About Amazon Security

Diverse Experiences

Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.

Why Amazon Security?

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

Inclusive Team Culture

In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training & Career Growth

We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

Work/Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.

Basic Qualifications

- 5+ years of managing and developing teams experience

- 5+ years of progressive work within a software security team or related operating environment experience

- Bachelor's degree in Computer Science, Information Security, or a related field

- Knowledge of security of web services, video content protection technologies, cryptography, network security protocols and operating system security

- Experience applying threat modeling or other risk identification techniques or equivalent

Preferred Qualifications

- information security professional certification (SANS GIAC, CISSP etc.)

- Master's degree in Computer Science or a related field

- Knowledge of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally…