Devices and Services Trust, Privacy, and Accessibility (TPA) is responsible for maintaining and raising the trust bar for Amazon customers across a diverse set of 30+ Devices and Services (D&S). TPA offers horizontal services for builders to ensure trust, privacy, and accessibility is built into our products and services. We also build customer-facing capabilities that provide customers with control and transparency and reduce privacy risk, while enabling partner teams to innovate with appropriate guardrails for content moderation, privacy, accessibility, and trust.
TPA is seeking a Senior Privacy Specialist to serve as a single-threaded owner of Alexa and Ring’s regulatory responsibilities under 2023 Federal Trade Commission (FTC) consent orders. This owner should feel excited and empowered to solve complex problems to protect customer privacy, hold control owners accountable for enforcement outcomes, and assess, record, track, and report our compliance posture to senior executives and regulators. The ideal owner has experience working with US federal regulators (specifically, the FTC), is detail-oriented, comfortable exercising high-judgment, and has excellent writing, critical thinking, and project and stakeholder management skills.
Key job responsibilities
You will work with engineering, product, legal, PR, marketing, and other privacy and security teams across Amazon to:
* Maintain and improve our comprehensive privacy program to ensure continued adherence to order requirements
* Apply relevant laws, regulations, and order requirements to business use cases in coordination with counsel
* Ensure business ownership and completion of order requirements
* Determine whether privacy incidents are order-impacting and drive resolution of timely remediation
* Prepare risk reports for review with senior executives, ensuring all action items are timely tracked and remediated
* Deliver annual compliance certifications to counsel
* Drive response to privacy-related inquiries from regulators, outside counsel, media, and other external parties
* Raise business awareness of regulatory requirements
* Monitor evolving privacy regulations, industry frameworks, and best practices
* Drive post-mortem analysis of incidents and recommend improvements based on findings
* Assess and monitor the health and performance of order requirements implementation
A day in the life
This is an inherently cross-functional role where you will work directly with engineers, product managers, policy and compliance specialists, legal, PR, marketing, and other Amazon builders to help them identify, expediently contain and mitigate privacy incidents and risks. You will track risk assessment, validation, adjudication, and remediation, and ensure that teams prioritize and execute those tasks in a timely fashion. You will be responsible for knowing impacted services, and ensuring the impacted owners follow the correct paths to compliance. You should be comfortable working in a rapidly evolving environment and exercising data-driven decision-making.
About the team
This role is a part of Trust Fundamentals’ Privacy GRC team within TPA. Our GRC team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and are building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional enabled to take on increasingly complex tasks as their careers progress.
