May 27, 2020
Ten or more years of relevant business or technical leadership, information security management, product management, business development, program or project management, and/or operations experience in and around information technologies, with a special emphasis on knowledge and experience related to information security and compliance.
Solid knowledge of and experience with IT security, defense in depth, compliance frameworks, cloud computing, service-oriented architectures, distributed systems, modern application architectures, and the like.
Demonstrated ability to think strategically about business, product, and technical challenges; strong analytical and excellent communications skills, verbal/presentation skills, writing skills, and attention to detail.
Proven ability to influence and guide both customers and internal stakeholders around business and technical strategies in the security area, and to translate from business requirements to technical solutions.
Must have a passion for innovation, be comfortable defining a way forward in the face of ambiguity, have the ability to scale and influence broadly, and as well as the ability to dive deep and pay attention to details.
Must enjoy working in a highly collaborative, fast paced environment; outstanding interpersonal, collaboration, and teamwork skills and experience.
Highly effective oral, written and interpersonal communication skills; demonstrated ability to effectively and comfortably interact at senior and executive levels.
Bachelor’s degree or equivalent in relevant business, computer science, and/or engineering disciplines.
Domestic and regional travel may be required 30%-50%.
Are you an experienced business and technical leader of IT security teams? Do you have broad and deep knowledge of cloud computing and related IT technologies, especially as it relates to security and compliance? Do you have solid experience understanding and influencing security-related technology decisions made by public sector customers (governments, educational institutions, non-profit entities, and non-government organizations)? Do you enjoy working with customers to achieve greater successes and enhanced security by using cloud technology as part of a broader IT modernization effort?
Amazon Web Services, the world’s leading provider of cloud computing services, seeks an experienced IT security leader (ideally, a prior Chief Information Security Officer (CISO) or equivalent in public sector or a regulated industry) to join a team of technical industry specialists within the Worldwide Public Sector (WWPS) business. Working side by side with internal AWS Security teams, Amazon Public Policy, WWPS sales leaders and solutions architect managers, and professional services practice managers, you will be responsible for developing and delivering on a strategy to help educate public sector market segments, customers, and regulators about how the AWS cloud can improve their security posture from their current on-premises implementation and remove barriers to cloud adoption. As part of that effort, you will bring data and persuasive abilities to bear to help lay to rest any remaining concerns about cloud security.
You will have a special emphasis on public sector customers from Asia Pacific and Japn, and will develop and deliver a regional strategy, with local customization as needed based on national and local laws, policies, and cultures. You will have high visibility at the most senior levels of government agencies, institutions, and AWS including frequent interaction with CISOs, CISOs, CTOs, their staffs, and AWS senior leadership.
Working with WWPS leaders, develop a strategy to influence and measurably impact public sector customers’ perception and experience around AWS’s world-class cloud security and compliance capabilities; and then deliver on that strategy.
The strategy will include, but not be limited to, improved security marketing and messaging (working closely with the AWS Security and AWS Marketing teams); evangelism and content development and delivery via press, analyst, and major industry speaking events; specific security-related strategic customer engagements in a sales overlay model; and efforts to improve security and compliance models and regimes in different countries and public sector submarkets (working closely with the Amazon Public Policy and AWS Compliance teams).
Support Amazon Public Policy, when requested, as a Public Sector security and compliance expert, reviewing draft government legislation and policies, providing comments, and engaging regulators and policy-makers to influence pro-cloud language from a security and compliance perspective.
Develop and build consensus around approaches for measuring and reporting on the impact of the team on AWS successes, whether directly or indirectly.
Develop, elucidate, and bring back to the AWS engineering and security teams customer feedback and requirements to help AWS continually improve its capabilities, features, and delivery models.
In sum, work closely with global WWPS account teams and technical leadership, AWS Security, and Amazon Public Policy to drive adoption of AWS cloud and service solutions into top public sector accounts by focusing on security and compliance, educating, influencing, knocking down barriers, and changing market perceptions to a significant degree.
Experience as the Chief Information Security Officer (or equivalent) of a public sector entity (government agency, educational institution, etc.), or of an enterprise in a regulated industry (financial services, healthcare, etc.).
Fifteen or more years of relevant business or technical leadership, information security management, product management, business development, program or project management, and/or operations experience in and around information technologies, with a special emphasis on knowledge and experience related to information security and compliance.
Deep and broad technical knowledge of and experience with IT security, defense in depth, compliance frameworks, cloud computing, service-oriented architectures, distributed systems, modern application architectures, and the like; good understanding of virtualization, storage systems, software-defined networks, Internet Protocol, high availability and high scalability using modern techniques (scale out versus scale up), etc.
Rich experience with IT security, both technical and operational, as well as experience with compliance regimes such as FedRAMP, HIPAA, CJIS, and other compliance models relevant to countries in the APJ, as well as commercial compliance models such as PCI DSS, or equivalents.
Experience with cloud services and technologies, preferably with AWS, but others as well.
Master's degree or PhD in relevant business, computer science, or engineering disciplines.
Fluent written and spoken English, Chinese, Japanese language skills (desirable)
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer, and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, disability, age, or other legally protected status.
Amazon Web Services Singapore