Security Assurance Analyst, AWS
  • United Kingdom London
  • Amazon Web Services (AWS)
1 year before
31.12.2023
Protect and Defend
Cyber Defense Analysis
Job Description

Description

The AWS Cross Domain Services Operations team is seeking a Security Assurance Analyst with a strong understanding and awareness of the role assurance can play in delivering excellent services to our customers.

The Security Assurance Analyst will be part of the team that provides governance and controls to the services that connect AWS regions of differing security classifications. This position will work as part of an assurance function, leading on day-to-day operational assurance activities, ensuring compliance with standards, processes and customer requirements.

At AWS we are obsessed with earning and maintaining customer trust. AWS is delivering exciting and complex distributed systems, and the AWS Cross Domain Services team is essential to how these are operated and secured. We need talented, adaptable Security Assurance Analysts to help us implement and operate these complex systems. The role holder will have to demonstrate their knowledge and understanding of information security, as well as undertake a wide range of internal security audits.

Key job responsibilities

  • Establish monitoring and auditing to facilitate the analysis of the processes in place for data flow control
  • Fulfil requests around evidence to illustrate the key controls that exist across the environment
  • Ensure control frameworks and compliance risks are recorded and managed
  • Analyse processes to determine compliance to the design specification (source to target) and expected/anticipated behaviours
  • Participate in the creation and management of the internal controls, policies, and procedures
  • Promote Information Security policy, procedures and practice, also act as an SME to ensure appropriate cyber security measures are incorporated.
  • Develop and implement the data assurance and governance strategies to ensure data quality and compliance, and drive the adoption of these strategies into the business processes
  • Communicate to key stakeholders the operational processes around AWS security practices and how controls are implemented across the environment
  • Communicate to leadership key risks and areas of process improvement, as well as seek diverse opinions and coordinate improvement efforts
  • Field and address requests in collaboration with internal and external stakeholders
  • Report, investigate and resolve non-compliance issues

As part of this opportunity the role holder will be eligible for great training opportunities and certification.

Basic Qualifications

  • Have experience in performing technical assessments of network, operating systems, application security, as well as auditing IT processes, including working knowledge of key controls across a number of industry best practices
  • Proven analytical and quantitative skills, and an ability to use data and metrics to back up assumptions, develop business cases, and complete root cause analyses
  • Experience in security, audits, customer trust, control assessments, or risk assessments
  • Demonstrate high judgement and risk decision making abilities

Preferred Qualifications

  • Involvement in the delivery of projects and programs across multiple teams
  • Strong critical thinking, verbal and written communication skills, and attention to detail
  • Good presentation skills, including an ability to effectively communicate with both business and technical teams
  • Working knowledge of data analysis technologies
  • Ability to work successfully in a team environment and build effective working relationships inside and outside of the group.
  • Experience assessing complex technical processes.
  • Highly organised
  • Familiarity with web services, multi-tiered systems, workflow modelling and enterprise application integration
  • Knowledge of a variety of security programs in multiple fields (personnel security, program security, physical security, and education, awareness, and training)

Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need an adjustment during the application and hiring process, including support for the interview or onboarding process, please contact the Applicant-Candidate Accommodation Team (ACAT), Monday through Friday from 7:00 am GMT - 4:00 pm GMT. If calling directly from the United Kingdom, please dial +44 800 086 9884. If calling from Ireland, please dial +353 1800 851 489.



Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
  • K0058   Knowledge of network traffic analysis methods.
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0070   Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • K0106   Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
  • K0161   Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0221   Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0339   Knowledge of how to use network analysis tools to identify vulnerabilities.

Required Skills
  • S0147   Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • S0167   Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).

Required Abilities
  • A0015  Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.