Devices and Services Trust and Privacy (DSTP) is responsible for maintaining and raising the trust bar for Amazon customers across a diverse set of 30+ Devices and Services (D&S). DSTP offers horizontal services for builders to ensure trust, privacy, and accessibility is built into our products and services. We build customer-facing capabilities that provides customers with control and transparency and reducing privacy risk, while enabling partner teams to innovate with appropriate guardrails for content moderation, privacy, accessibility, and trust.

The DSTP team is seeking an experienced privacy and security engineering leader to join the Privacy Risk & Incident Management team. In this role, you will be expected to identify and prioritize privacy and trust risks across D&S drive tracking, treatment, and reporting of these risks; and hold owners accountable for implementing solutions in appropriate time frames to mitigate risks. You will partner closely with our builders, legal, PR, marketing, security, and product, engineering, policy, and ops teams across DSTP to ensure a cohesive and comprehensive privacy incident response strategy for our devices and services.

We are looking for a leader that's highly passionate about privacy and security and raising the Incident Response bar. Ideally you have a track record of delivering high-quality technology solutions and services in a hyper-growth environment where priorities shift quickly. You should know how to prioritize, communicate clearly and compellingly, and understand how to drive a high level of focus and excellence with a strong team. Devices & Services in general, and Privacy Incident Response in particular, operates at very large scale and demands high standards, so a passion and discipline around security/privacy and delivery is critical. A high level of ownership and accountability is a must.

Key job responsibilities
* Provide strategic leadership and direction for the privacy incident response engineering team to ensure effective and timely detection, response, and mitigation of privacy and trust incidents.
* Own and support the design, development, implementation, and maintenance of DSTS’ privacy incident response infrastructure, tools, and processes.
* Assess privacy risks, establish mitigation strategies, and work with our builders, stakeholders, partners, and peer teams to develop technical roadmaps for incident response capabilities.
* Define Kingpin goals, provide coaching, and foster a culture of innovation and collaboration.
* Drive creation of mechanisms from a security, privacy, quality, and speed perspective that enable DSTP to scale.

A day in the life
This is an inherently cross-functional and organization-spanning role, where you will work with lawyers, business leaders, and engineers to identify problems, understand constraints and tradeoffs, and drive buy-in for technical solutions which integrate with, and improve, existing processes. You will pragmatically balance the need for short-term fixes with a long-term vision. You will write documents which clearly document the reasoning behind decisions, and raise the bar for your team around structured decision-making. You will dive deep to discover root causes and patterns, in order to propose new systems and tools. You will earn trust across the Devices & Services organization in order to drive operational and engineering excellence.

About the team
Trust Fundamentals (TrustFun), which is a part of DSTP, is a “horizontal” organization responsible for building technologies, programs, and services at Amazon scale that instill and grow customer trust, create mechanisms to confidently attain existing and ever-evolving regulatory objectives, and ensure the efficiency and effectiveness of our business partners and stakeholders to meet their trust obligations without disruption — in that order of priority. The scope of our organization is any solution, privacy policy and promise that is intended to be uniformly adopted and used across all D&S organizations, i.e., creating a fundamental trust platform that supports all of D&S. Our team is dedicated to supporting new members. We have a broad mix of job families, experience levels and tenures, and are building an environment that celebrates subject matter expertise, collaboration, knowledge sharing, and mentorship.

- Bachelor's degree
- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+
- 7+ years experience with high volume workflow processes, procedures, and managing the status of privacy and security incidents and risks through regular updates.

- Proven ability to drive incidents to conclusion, based on SLA and severity ratings.

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit This position will remain posted until filled. Applicants should apply via our internal or external career site.