We are seeking an experienced Senior IT Risk Manager to drive the maturation of our Second-Line-of-Defense IT risk management and data privacy programs across Amazon's North American payments operations. This key leadership position reports directly to the Head of North America Risk & Compliance and serves as a critical Second-Line-of-Defense partner to senior leadership.
As a senior member of the North America Risk & Compliance leadership team, you will spearhead the development and implementation of an integrated Second-Line-of-Defense IT risk management and data privacy framework, ensuring robust protection of our payments’ technology infrastructure and customer data while enabling business growth.
Key job responsibilities
• Lead the design and implementation of a comprehensive IT risk management and data privacy framework, including risk assessment and control effectiveness methodologies, that align with regulatory requirements and Amazon’s high standards.
• Effectively partner with senior business partners, providing thought leadership on IT risk management and controls while supporting strategic business objectives.
• Provide strategic direction on risk management matters to senior leadership, including implementation of detailed, data driven narratives to inform leadership of risks related to a variety of IT Risk and Cybersecurity topics.
• Apply expert risk-based guidance on adherence to Information Technology and Cybersecurity risk-related regulations such as NYDFS Part 500 and GLBA, and other applicable regulations.
• Provide credible challenge across all information, technology, and cybersecurity risks enabling business growth while ensuring that risks remain within risk appetite.
• Provide subject matter expertise in terms of best practices, IT regulatory requirements, IT resiliency plans and risk mitigation.
• Perform deep dives on technology compliance-related processes and systems.
• Identify system limitations that could lead to regulatory risks relative to new and existing products and services, and provide guidance for resolution and risk mitigation.
• Maintain strong relationships with key technology teams to gain a deep understanding of Amazon’s payments IT architecture.
• Provide advice to stakeholders regarding the remediation of internal and external IT audit findings and implementation of recommended actions.
