Senior Manager, Security Operations

Job summaryThe Amazon Devices and Services team designs and engineers high-profile consumer electronics, including the best-selling Kindle and Alexa family of products. We have also produced groundbreaking devices like Amazon Echo, Fire tablets, Amazon Fire TV, Echo Show, Echo Spot, and more, and delivering towards unprecedented outcomes in Satellite-based communications and autonomous transportation. What will you help us create? The Devices and Services (D&S) Trust & Security team works to ensure that our devices and services are designed and implemented to the high standards required to maintain and enhance customer trust. Security and Privacy are paramount to maintaining trust and we need to continue to build trusted products, maintain and operate trusted environments, and advocate trust to customers and stakeholders. The team develops security automation for devices & services, performs penetration testing, and handles and tracks incident responses to resolution. The Trust team is responsible for enabling business growth and innovation while honoring data policies and controls that help protect customer trust. We are responsible for defining and executing on the security and related privacy requirements across the entire organization.* Overview of role*Senior Manager, Security Operations is a new and critical function in the D&S Trust & Security organization. This role will lead a team of experts to monitor, detect and respond to security threats. This role will work closely with the multiple stakeholders such as Engineering, Operations and Business teams to drive strategy planning, develop robust operational processes and data-informed analysis, ultimately supporting successful business growth and operational efficiency. This is a highly visible role in which you will have a high degree of autonomy, and outsized impact. You will work closely with the Trust & Security leadership team on various strategic priorities to deliver on scale and run the business more effectively. You will lead the team’s mission to protect platform and device systems, including security intelligence, threat hunting, threat detection, log aggregation/monitoring, and advanced incident response functions. We seek a seasoned technology executive to lead a global high-performing team of security professionals. *We’re looking for someone who:** Is highly analytical and process-driven, can assist with strategic planning, drive decisions forward, execute on high-impact projects, and lead through influence.* Is comfortable leading strategic initiatives to solve complex business challenges with multiple levels in the organization.* Demonstrates ability to think strategically and analytically about business, product, and operational challenges.* Has experience managing stakeholders at all levels.* Is able to work cross-functionally with many teams and collaborate with a sense of urgency.* Has an uncanny ability to embrace ambiguity and see around the corners.* Has impeccable attention to detail, follow-through, and resourcefulness.* Exceptional leadership skills, able to lead, manage and deliver a 24x7 incident response program, security orchestration using automation, detection capabilities and more.* What you will do:** Lead and drive strategic security initiatives and execution plans across Incident Response, Product threat response, and Threat Informed Defense/Threat Intel.* Provide strategic and operational leadership for the Security Operations team, focused on run-the-business detection/containment/remediation, security incident management and investigations.* Own the vision, drive the strategy and execution plan to get to world-class for Security @ scale for the business.* Partner with operators across the company to deliver shared outcomes that measurably improve our efficacy and efficiency to scan, detect, recover and respond to risks.* Partner with industry-leading experts to bring in innovative solutions and contribute to the security community.* Establish credibility as a trusted advisor to stakeholders, including executives, peers, and employees.* Maintain strong knowledge of security vulnerabilities, remediation approaches, and operational best practices.* Foster and facilitate the professional growth and development of the team and lead effective cross-functional collaboration across groups within the organization.* Build organizational capability within teams by recruiting and retaining outstanding talent and providing mentoring, training (internal and external), and other opportunities for professional growth and development.* Partner with peer functions and organizations to design and deliver upon the people strategy to enable team success.* Assist with strategic planning: Identify opportunities to influence, support, and execute on our strategy. Assist with the quarterly and annual planning processes.* Collaborate and coordinate cross-functionally: you will need to navigate a complex organization matrix across Devices and Services, Amazon, and external partnerships. You will deeply understand the business dynamics and recommend strategies that appropriately balance the needs of our various partners. As needed, you will gather and analyze data from multiple sources to inform decision-making at all levels.* Develop and share clear and persuasive narrative and communications to influence senior stakeholder audiences and the organization at large.* Manage annual strategic/business planning, headcount planning and resource allocation processes in coordination with Finance and functional teams across the organization.* Stay current on emerging security threats, vulnerabilities and controls.* Planning, strategy and delivery of threat intelligence and incident response.* Evangelize security and be an advocate for customer trust.* Serve as, or direct and support, the incident commander role to drive the overall response to a cyber incident and coordinating efforts of multiple cross-functional teams.* Identify and implement processes and tools to improve the automation and efficiency of monitoring, detection, and response to threats, incidents, and reported vulnerabilities.* Partner with peer leadership on the creation and implementation of the Level 2 Security Operations Center that will enable the team to scale and support through next period of growth.* Knowledge of the cyber threat landscape and ability to articulate and incorporate major threat categories, motivations, and intent of adversaries against Devices and Services assets.* After hours escalation and on-call responsibilities can be expected.Key job responsibilities* Lead, manage, and develop a high performing technical Penetration Testing Organization (comprising of multiple 2-pizza teams) across multiple locations* Manage and coordinate complex penetration testing projects involving multiple pen testing managers and security engineers, technology stacks, and development teams* Lead the strategic direction and evolution of the Penetration Testing Team, including setting goals and establishing priorities* Drive strategic initiatives by influencing leadership, key stakeholders, and partnering with teams throughout Amazon* Lead effective teamwork, communication, collaboration and commitment across multiple disparate groups with competing priorities* Lead improvements to internal program and process* Write and deliver high-quality documents for technical and non-technical audiences

Basic Qualifications

* 10+ years of experience in security roles, with a focus on Incident and Vulnerability Response, Threat Intelligence, and Threat Informed Defense with proven track record of delivering world class innovation and operational excellence.* Strong understanding of advanced persistent threats, attacker methodologies, attack lifecycle, cyber kill chain, and the MITRE framework.

Preferred Qualifications

* Consistent SOC experience performing triage/incident/vulnerability response in enterprise environments* Experience using data and metrics to drive improvements.* Deep understanding of architecture and security fundamentals (IAM, Data Protection, Network Security, etc.)* Experience owning strategy, end to end delivery, and communicating results to senior leadership.* Proven ability to provide technical and strategic oversight for a high-performing global team of security experts.* Experience working in high-growth companies and identifying and building new capabilities as scaling needs arise.* Demonstrated experience creating effective security strategies that balance prevention and detection, drive risk reduction and mitigation.* Build trusted relationships with peers and team.* Technology/hardware/consumer electronics industry exposure* Experience managing managers * Experience communicating with a wide range of technical & non-technical partners and senior leadership* BA/BS in Computer Science or related field Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.