Senior Business Information Risk Manager
Company: Amazon.com
Location: Newark
Posted on: September 30, 2024
|
|
Job Description:
Good storytelling starts with great listening. At Audible, that
means each role and every project has our audience in mind. Because
the same people who design, develop, and deploy our products also
happen to use them. To us, that speaks volumes.ABOUT THIS ROLEAs a
Senior Business Information Risk Manager at Audible, you'll be at
the forefront of safeguarding our digital landscape, championing
information security across our entire ecosystem. In this pivotal
role, you'll shape the direction of Audible's security strategy,
working closely with business and product teams to protect key
assets and data. You'll conduct comprehensive security assessments,
develop risk mitigation strategies, and provide expert guidance on
complex security challenges. Your influence will extend beyond the
security team as you partner with cross-functional groups to embed
security best practices, fostering a culture of cybersecurity
awareness. You'll drive continuous improvement by developing
metrics, monitoring trends, and implementing pragmatic solutions
that balance security needs with business goals. As a mentor and
educator, you'll empower security engineers, champion initiatives,
and provide training to both internal teams and external partners.
Join us in building a secure future for Audible, where your
expertise will directly impact the protection of our customers and
the integrity of our business.As a Senior Business Information Risk
Manager, you will... - Play a leadership role in Audible InfoSec &
Security Engineer org and work closely with the Audible business
and product community, setting direction for security of key
assets, data, and business processes; serving as a subject matter
expert resource for security engineers, security champions, and
business leaders inside and outside of our organization-
Proactively assess, identify and develop recommendations regarding
data protection, insider threat, data sharing, identity and access
management, and third party risk issues and vulnerabilities by
working with multiple stakeholder teams, including Privacy, Legal,
HR, IT, etc- Lead and execute internal security and data usage
assessments, investigations and security audits, while also
supporting enterprise wide information security and cyber risk
assessments with technical and non-technical teams- Contribute to
the development of business risk, insider threat, and third party
risk management strategic control requirements and roadmaps-
Contribute to new, and provide feedback on existing security
standards and control requirements, GRC policy exceptions and risk
issue management process- Develop and maintain relevant security
risk metrics to promote transparency across the organization;
measures, monitors and reports on information security risks to
management- Provide guidance on risk, compliance, and policy to
technical and non-technical internal customers, including security
training and outreach to internal teams and external supply chain
partners- Apply your security and business knowledge to drive
secure and pragmatic improvements broadly to Audible people,
process, and assets, while making technical trade-offs between
short versus long term security and business goals- Strong
organizational and communication skills, with a demonstrated
ability to work in a multi-tasking dynamic environment while
maintaining a high level of ownership and accountability is a
mustABOUT AUDIBLEAudible is the leading producer and provider of
audio storytelling. We spark listeners' imaginations, offering
immersive, cinematic experiences full of inspiration and insight to
enrich our customers daily lives. We are a global company with an
entrepreneurial spirit. We are dreamers and inventors who are
passionate about the positive impact Audible can make for our
customers and our neighbors. This spirit courses throughout
Audible, supporting a culture of creativity and inclusion built on
our People Principles and our mission to build more equitable
communities in the cities we call home.BASIC QUALIFICATIONS- BS in
Cybersecurity, Computer Science, or other relevant degree- 6+ years
of experience in cyber and information security functions,
especially in areas including Governance, Risk and Controls (GRC),
Privacy, insider threat, business information security, identity
and access management, third party risk, incident response, threat
modeling- 2+ years of experience in an information security
leadership role- Knowledge in navigating risk mitigation and risk
issue management, policy and standards, security frameworks (e.g.
NIST, ISO, etc.), managing a GRC function, and business information
security / risk officer function- Experience in web and mobile
application security, and cloud technologies threats and risks-
Experience in written and verbal communication- Experience in
mentoring a non-tech community on complex technical issues or
ambiguous technical challengesPREFERRED QUALIFICATIONS- MS in
Cybersecurity, Computer Science, or other relevant degree- Ability
to identify security issues and risks, and develop mitigation plans
or solutions- Knowledge of web and mobile application security, and
cloud technologies, common vulnerabilities, attacks, and mitigation
methods- Demonstrated experience using communication skills to
advocate security for both technical and non-technical audiences-
Experience in driving large scale, cross-organization initiatives-
Sharp analytical abilities and proven innovation skills to unblock
adoption of security mechanisms- Relevant industry certifications
(e.g., CISSP, SANS/GIAC, CISA, OSCP/OSWA/OSWE, AWS)Amazon is
committed to a diverse and inclusive workplace. Amazon is an equal
opportunity employer and does not discriminate on the basis of
race, national origin, gender, gender identity, sexual orientation,
protected veteran status, disability, age, or other legally
protected status. For individuals with disabilities who would like
to request an accommodation, please visit
https://www.amazon.jobs/en/disability/us.
Keywords: Amazon.com, Newark , Senior Business Information Risk Manager, Executive , Newark, New Jersey
Click
here to apply!
|