Program Manager, Offensive Security Penetration Testing

Amazon.com Services LLC Arlington, VA

About the Job

Job summary
**This role is open to alternative locations including: Seattle, WA - Austin, TX - New York, NY

Amazon’s Offensive Security, Penetration Testing Team is seeking a Program Manager (PM) to help keep Amazon's applications and services secure for its customers. This team is responsible for attacking Amazon’s services, applications, and websites; and partnering with service teams to remediate weaknesses and sharpen our software development lifecycle. You will be challenged with opportunities, both technologically and as a leader, but will also be a great deal of fun if hacking Amazon sounds exciting to you. You will be in direct contact with teams in a variety of business verticals, giving you first hand knowledge about how Amazon is built and how it operates. Additionally, you will leverage the knowledge you gain about Amazon to find new ways to drive improvements to services, processes, and programs throughout the company.

Covering a broad range of work, this role is focused on managing and driving the penetration testing team’s programs, operations, and initiatives by influencing key stakeholders and partnering with teams throughout Amazon to enable the implementation of innovative security solutions and controls to improve Amazon’s security posture. You’ll be using your program and project management skills to continually improve and mature the program, orchestrate penetration testing engagements, and manage third-party vendors and budgets in order to maintain and raise Amazon’s high security bar. You’ll be backed up by a team of highly-skilled security engineers, all working with a singular focus of maintaining our customer’s trust.

A person in this role must show exemplary judgment in making trade-offs between short-term fixes and long-term security and business goals. They must also demonstrate resilience and navigate ambiguous situations with composure and tact. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Amazon and its customers secure.


Responsibilities include:
· Manage the full life-cycle of penetration testing engagements
· Manage and coordinate third-party vendors and associated budgeting
· Lead the effective and efficient delivery of large, complex projects
· Track metrics and delivery against program goals and implement proposals to improve program services, efficiency, and consistency
· Drive team initiatives by influencing key stakeholders and partnering with teams throughout Amazon
· Collaborate and communicate with leadership, partner teams, and service owners
· Drive internal program and process improvements
· Drive effective teamwork, communication, collaboration and commitment across multiple disparate groups with competing priorities


BASIC QUALIFICATIONS

· Experience with project delivery for large, cross functional security/technology projects
· Experience driving security/technology initiatives across large diverse organizations

PREFERRED QUALIFICATIONS

· Experience with Information Security related domains, with knowledge of security fundamentals, common application vulnerabilities, application penetration testing, common application attack vectors, methodologies, and tools
· Experience with regulatory and compliance standards (e.g. PCI-DSS)
· Experience managing third-party vendor relationships
· Experience managing large, multi-million dollar budgets
· Knowledge of system or security design approaches with experience driving engineering and architectures to deliver results
· Experience with cloud service providers and their offerings, preferably AWS, and its various technologies and services
· Experience gathering and reporting metrics to measure service and program effectiveness and consistency
· Proven ability to handle multiple competing priorities in a fast-paced, deadline-driven environment
· Proven ability to exercise sound judgement, problem solve, and make decisions in complex situations
· Proven ability to take ownership, self-motivate, and deliver results in highly ambiguous environments



Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.