Are you passionate about customer trust and privacy? Join the Devices & Services Trust, Privacy, and Accessibility (TPA) team team to safeguard customer trust across 30+ devices and services. We're seeking a talented Technical Program Manager to help deliver Earth's most trusted devices and services while ensuring compliance with global privacy standards.
In this role, you will focus on conducting technical and risk-based assessments of privacy controls across Amazon’s products and services, identifying gaps, and driving technical enhancements in collaboration with engineering teams. The ideal candidate will combine technical and program management expertise with strong privacy risk management skills to ensure compliance with internal policies, external customer commitments, and global privacy regulations.
Key job responsibilities
Risk Assessment and Mitigation
• Conduct comprehensive risk assessments to evaluate privacy risks across Amazon’s products and services, including:
• Analyzing system design, service architectures, data flow diagrams, and orchestrators.
• Performing code reviews, auditing data stores, and evaluating monitoring/alarming mechanisms.
• Reviewing API calls, deletion logs, scripts, and privacy tools for compliance with internal policies or external commitments.
• Identify, analyze, and prioritize risks based on their likelihood, impact, and control strength.
• Collaborate with cross-functional teams to develop risk mitigation strategies and implement technical enhancements to address identified gaps.
• Continuously monitor risks throughout the project lifecycle, reassess mitigation strategies, and adjust plans as needed.
Privacy Controls Assurance
• Design and execute a comprehensive privacy controls assurance program to assess the effectiveness of privacy controls.
• Develop detailed test cases to evaluate privacy controls against internal policies, external promises, and legal requirements.
• Proactively identify drifts in privacy controls, quantify risks, and report findings through compliance reporting mechanisms.
• Stay updated on emerging privacy threats, vulnerabilities, and best practices to refine assurance frameworks.
Collaboration and Communication
• Partner with product teams, engineers, legal teams, and leadership to drive the resolution of privacy gaps based on priority.
• Create clear documentation of assessment findings, risk mitigation plans, and progress updates for stakeholders.
• Influence product design by incorporating privacy-by-design principles into development processes.
A day in the life
In this role, you'll conduct privacy risk and control assessments across our devices and services. Working with engineering teams, product managers, and privacy specialists, you'll conduct deep-dive evaluations of system architectures, data flows, and privacy controls. Your responsibilities include reviewing code, analyzing data storage systems, and validating deletion processes.
You'll identify privacy risks, write comprehensive test cases, and partner with engineering and product teams to implement effective solutions. Expect to balance multiple priorities in a fast-paced environment, making data-driven decisions to enhance our privacy controls.
Success requires technical expertise, investigative skills, and the ability to drive rapid improvements while maintaining strong relationships with diverse stakeholders.
About the team
This role is a part of Privacy Governance, Risk, and Compliance team within TPA, which includes developing processes, tools, and compliance mechanisms to improve leadership decision making through an integrated view of how well D&S manages its unique set of privacy and trust risks. Our GRC team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and are building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional and enable them to take on more complex tasks in the future.
