Third Party Risk Management Specialist

DescriptionJob summaryAre you looking for an exciting role where you can analyze and develop end-to-end risk management processes with big improvement impacts to protect our customers? Amazon Web Services (AWS) is rapidly expanding its global presence, with AWS Security being at the forefront of protecting our customers.The Enterprise Risk Management (ERM) team within Amazon Web Services (AWS) is seeking an experienced and self-motivated ERM professional with a proven record of identifying, organizing, leading, and controlling the risks of an organization in order to protect customer data and information.A successful candidate will have the opportunity to manage and iterate an innovative approach to identifying, assessing, and driving remediation for risks in the AWS Cloud Environment. The candidate must be comfortable with balancing strategic thinking with tactical, detailed execution while working independently, sorting through ambiguously defined problems, identifying and facing big challenges and adjusting to sudden and frequent change. This role acts as a key liaison with AWS service teams, infrastructure teams, AWS Security, and related Amazon corporate teams.The right candidate is someone who thinks big, understands risks and enjoys innovating brand new controls/solutions to mitigate risks.This position can be located in Herndon, VA, Arlington, VA, Seattle, WA, Charlotte, NC, or New York, NY.Key responsibilities will include:· Establish strong partnership with front line business partners and other stakeholders to understand business processes and ensure third party program, policy and procedures are effective and demonstrate adherence in support of managing third party service provider risks;. Support strategic risk management framework initiatives on behalf of the AWS Business Risk Management program, to include risk identification, assessment, evaluation, tracking and mitigation;· Identify opportunities for efficiency and effectiveness as well as cost saving by optimizing vendor management mechanisms, and by effectively managing risks in partnership with the line of business;· Mature and develop innovative approaches to the management of risks in a manner that effectively manages the risks while meeting the needs of internal customers and minimizing business impact;· Coordinate mechanisms to improve documentation, track progress, coordinate all improvement efforts, and monitor process improvement effectiveness;· Operate a rhythm of the business for managing risk management and mitigation; guide process owners in implementation of mitigation strategy and implement processes to monitor and report on success;· Assist with linking policy, standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, compliance policies, and risk management;· Drive process improvement and control implementation projects through coordination with AWS teams. This includes the resolution of risk identification and the execution of projects originated from internal assessments.Inclusive Team CultureHere at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.Mentorship & Career GrowthOur team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship.Work/Life BalanceOur team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well balanced life—both in and outside of work.BASIC QUALIFICATIONSBachelor’s degree.

8+ years of risk management experience; includes compliance, operational risk, third party, IT, cybersecurity, audit, risk assessment, issues management, risk measurement and reporting) in a large scale complex organization and/or regulated industry.

8 + years of large scale project and or program management experience leading change initiatives, and strategic plans to achieve impactful goals.

8+ years of experience overseeing third party program risk assessments, analysis, credible challenge, and reporting while driving strategic improvements that result in measurable business impacts.

PREFERRED QUALIFICATIONSMaster’s degree.

Experience providing reporting and updates to senior management and governance routines.

Strong analytical skills with high attention to detail and accuracy

Ability to articulate complex concepts in a clear manner

Lean or Six Sigma Green/Black Belt certification.

In-depth knowledge of an enterprise risk management framework, including risk identification, risk appetite and strategy, risk-related decision, business processes and their related third party controls.

8+ years of experience in the design, implementation or strategic enhancement of governance risk and compliance programs and or capabilities.

8+ years of experience executing against risk program roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.

8+ years of experience evaluating the design and effectiveness of security and information technology controls working directly with internal business owners who oversee third party service providers.

5+ years of experience in the analysis of IT and Security control improvement projects with technology processes and/or major tech companies.

5+ years of experience generating automated metrics to measure risk effectiveness and consistency.

-Meets/exceeds Amazon’s leadership principles requirements for this role-Meets/exceeds Amazon’s functional/technical depth and complexity for this roleAmazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.