TotalCyber.io
Cyber Security jobs across the world
Copyright 2024 All Rights Reserved by YipCraft
We will contibute 1% of your purchase to remove CO2 from the atmosphere.
Security Compliance Specialist, Amazon Stores Security
Amazon Japan G.K.Tokyo, JPN
Onsite
Full-time
Are you interested in driving exceptional security for customers? Do you see information security as a business enabler? Amazon’s Stores Security organization is seeking an experienced Security Compliance Specialist. As part of the Amazon Stores Security InfoSec Japan team, this role will build the bridges between security, technology, and compliance by working across remote and local teams within Amazon Security organization, healthcare business teams, and related Amazon corporate teams. This candidate should be an innovative security/compliance professional who has the ability to dive deep into a variety of complex issues, understand IT processes, and drive compliance assessment to existing and emerging Japan healthcare information security standards.
The ideal candidate will have strong leadership and problem-solving skills, excellent communication skill, and effectively work with cross-functional Amazon teams to support service build-up, service launch and on-going service operation activities.
Key job responsibilities
This position will be responsible for:
- Establish credibility and maintain strong working relationships with groups involved with information security matters (Legal, Amazon Japan Business Entities, Product Management, Security Assurance, Amazon Healthcare compliance, Application Security, Third Party Security, etc.), supporting their security/compliance questions and documents.
- Manage healthcare application compliance assessment. Manage the readiness efforts of services for Information Security Management System (ISMS) certification, 3 ministries’ 2 guidelines (3M2G) to handle medical information, medical cyber security checklists, and/or audit requirement in Japan, and determine scope for healthcare related compliance assessment activities.
- Test services annually against laws, regulatory guidelines, and security standards. Perform written regulated service impact assessments relevant to healthcare business in both English and Japanese, and track corrective actions and re-test if necessary.
- Assist stakeholders and Amazon Japan employees aligning with standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, compliance policies, and risk management.
- Provide on-going Security and Compliance consultation of business operation and incident management via requested tickets.
- Support internal information security training development as well as managing engagement of Amazon Japan employees/officers taking external trainings required by regulators if any.
A day in the life
- Engage with regional business and technical stakeholders to identify security needs, and maintain a good understanding of the Japan healthcare regulatory landscape impacting business
- Determine strategy for highly sensitive and/or high-profile healthcare compliance assessments
- Maintain metrics on security and compliance, prepare reports for senior management on the state of security in region, and continuously improve the compliance posture of the healthcare business by reducing the number of repetitive defect findings identified cycle over cycle
About the team
Regional Security Teams (RSTs) operate locally and stationed teams in complex regulatory environments like Japan and China to provide region-specific compliance support and first-line security functions where a dedicated security team does not already exist. Our foray into the latter is driven by our proximity and relationships with business and country leadership, language requirements, and regulatory expectations that are tied to the broader retail/marketplace domain.
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Mentorship and Career growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
The ideal candidate will have strong leadership and problem-solving skills, excellent communication skill, and effectively work with cross-functional Amazon teams to support service build-up, service launch and on-going service operation activities.
Key job responsibilities
This position will be responsible for:
- Establish credibility and maintain strong working relationships with groups involved with information security matters (Legal, Amazon Japan Business Entities, Product Management, Security Assurance, Amazon Healthcare compliance, Application Security, Third Party Security, etc.), supporting their security/compliance questions and documents.
- Manage healthcare application compliance assessment. Manage the readiness efforts of services for Information Security Management System (ISMS) certification, 3 ministries’ 2 guidelines (3M2G) to handle medical information, medical cyber security checklists, and/or audit requirement in Japan, and determine scope for healthcare related compliance assessment activities.
- Test services annually against laws, regulatory guidelines, and security standards. Perform written regulated service impact assessments relevant to healthcare business in both English and Japanese, and track corrective actions and re-test if necessary.
- Assist stakeholders and Amazon Japan employees aligning with standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, compliance policies, and risk management.
- Provide on-going Security and Compliance consultation of business operation and incident management via requested tickets.
- Support internal information security training development as well as managing engagement of Amazon Japan employees/officers taking external trainings required by regulators if any.
A day in the life
- Engage with regional business and technical stakeholders to identify security needs, and maintain a good understanding of the Japan healthcare regulatory landscape impacting business
- Determine strategy for highly sensitive and/or high-profile healthcare compliance assessments
- Maintain metrics on security and compliance, prepare reports for senior management on the state of security in region, and continuously improve the compliance posture of the healthcare business by reducing the number of repetitive defect findings identified cycle over cycle
About the team
Regional Security Teams (RSTs) operate locally and stationed teams in complex regulatory environments like Japan and China to provide region-specific compliance support and first-line security functions where a dedicated security team does not already exist. Our foray into the latter is driven by our proximity and relationships with business and country leadership, language requirements, and regulatory expectations that are tied to the broader retail/marketplace domain.
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.
Inclusive Team Culture
In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Mentorship and Career growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
• Bachelor's Degree in Computer Science, Engineering, Information Systems Management, Information Security or other related fields
• 3+ years of experience in project/program management, developing and maintaining stakeholder relationships across large organizations. 3+ years of experience in security or compliance consulting or advisory work in support of a highly technical environment. 3+ years of experience in performing and/or participating in technical assessments of complex IT architecture
• Experience with Governance, Risk, and Compliance tools and technology. Hands-on experience working successfully in a very fast-paced, rapidly evolving, results-oriented environment
• Experience in working directly with auditors/regulators in support of compliance audits for ISO and other compliance regimes
• Fluency in both Japanese and English languages with sufficient writing skill
• 3+ years of experience in project/program management, developing and maintaining stakeholder relationships across large organizations. 3+ years of experience in security or compliance consulting or advisory work in support of a highly technical environment. 3+ years of experience in performing and/or participating in technical assessments of complex IT architecture
• Experience with Governance, Risk, and Compliance tools and technology. Hands-on experience working successfully in a very fast-paced, rapidly evolving, results-oriented environment
• Experience in working directly with auditors/regulators in support of compliance audits for ISO and other compliance regimes
• Fluency in both Japanese and English languages with sufficient writing skill
Qualifications
• 5+ years of experience as a technical program manager in security/software/web development organizations. 5+ years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (PCI, SOC, ISO and other compliance regimes). 5+ years of experience in performing technical security assessments and audits of network, operating systems, application security, and auditing IT processes
• A record of delivery of large IT process improvement projects with technology processes and/or major tech companies
• CISSP/CISA/CISM certification preferred
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
• A record of delivery of large IT process improvement projects with technology processes and/or major tech companies
• CISSP/CISA/CISM certification preferred
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
Security Compliance Specialist, Amazon Stores Security
Location
Tokyo, JPN
Workplace
Onsite
Type
Full-time