Grc Specialist, Aws Security

DESCRIPTION Key job responsibilities - Serve as the GRC Specialist for designated (physical and/or logical) components within the cloud capability, to perform assurance and authorization activities to ensure adherence to standards and protocols. - Collaborate with internal teams and customers to establish baselines and level-set the security requirements, security controls, and security objectives. - Implement ISM, PSPF, DSPF, ASIO T4, NIST and/or other security compliance frameworks into design and build baselines to achieve the agreed security posture. - Create, optimise, and support cross-functional working groups and projects aimed at enhancing security efficiency and effectiveness across the organization. - Utilise domain expertise to develop thought leadership material on cloud and emerging technologies, contributing to the organization’s knowledge base and industry positioning. - Deliver to tight deadlines and drive results, demonstrating exceptional attention to detail and ensuring accuracy in all aspects of security management. A day in the life In your day-to-day you will need to exercise sound judgment in making trade-offs between short versus long term security and business goals. You will demonstrate resilience and navigate difficult situations with composure and tact, with a goal to achieve a great outcome for the customer. You will be successful in this role by regularly analysing your own performance with a critical eye. A broad understanding of the AWS business and its interconnections is required. This position will also provide training, advice, and mentorship to other teams throughout AWS. About the team Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. The team is comprised of security professionals with a cross section of national security and private sector experience, providing a range of perspectives required for creative problem solving. We value diversity of thought, creativity, and a strong Bias for Action and Earn Trust. We believe that there are no "perfect" security solutions and we develop and iterate using a continuous improvement process. Diverse Experiences Why AWS? Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. Inclusive Team Culture AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do. Mentorship & Career Growth We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve. BASIC QUALIFICATIONS - 4+ years experience working in areas related to security assurance, such as cybersecurity, auditing, security architecture, regulatory affairs or public sector agencies involved in cybersecurity management. - Experience working with governance, risk and compliance programs that directly involve interaction with regulatory bodies. - Proficient with government security frameworks, policies and standards (e.g. PSPF, ISM, DSPF. ASD Essential Eight) - Experience working with cloud technologies. PREFERRED QUALIFICATIONS - Degree or equivalent experience in (Computer Science, Engineering, Cyber Security, IT Security Management, Security Risk Management)a related security field - Minimum 4 years experience in implementing and operationalising security to meet business outcomes - Proven ability to not only influence but lead business partners and supporting teams - Ability to able to credibly coordinate between technical teams and business stakeholders - Strong communication skills. Ability to produce detailed and complex written business cases without the use of PowerPoint Acknowledgement of country: