Sr. Technical Program Manager, Privacy Controls Assurance, Devices & Services Trust & Privacy (DSTP)
Amazon.com
Are you passionate about customer trust and privacy! Come join the Devices and Services Trust and Privacy (DSTP) team and help create new processes and mechanisms to safeguard and elevate customer trust across a portfolio of 30+ devices and services. We're looking for a talented Senior Technical Program Manager who can help DSTP meet its vision to deliver Earth’s most trusted devices and services by partnering with builder teams to guide, verify, and build trustworthy customer experiences while adhering to global and emerging regulatory standards.
As a Senior Technical Program Manager, Privacy Controls Assurance you will be responsible for designing, conducting, and overseeing privacy controls assurance, conducting control gap assessments, identifying areas of improvement, and recommending appropriate risk reduction activities to builder teams to ensure compliance of customer data.
Key job responsibilities
* Design and implement a comprehensive and risk-based privacy controls assurance and testing program to evaluate the effectiveness and efficiency of privacy and trust controls across D&S.
* Write detailed privacy control test cases and perform comprehensive privacy control assessments to evaluate the design and operating effectiveness of privacy controls in accordance with internal policies, external promises, and legal/regulatory requirements.
* Test and evaluate privacy controls to identify drifts and quantify risk to be delivered through proactive compliance reporting to support internal policies, external promises, and legal/regulatory requirements.
* Collaborate with cross-functional teams to identify, assess, and prioritize privacy control weaknesses and collaborate with control owners to develop risk mitigation plans for control improvement.
* Proactively revise tests, making them flexible, specific, and repeatable so they better expose gaps in complex privacy controls, policies, standards, promises, and procedures.
* Stay up to date with emerging privacy risks, threats, vulnerabilities, and evolving privacy controls assurance and testing frameworks to ensure appropriate residual risk calculations.
* Coordinate with product and engineering teams to automate tests using internal and open source tools & infrastructure.
* Develop a deep understanding of D&S’ infrastructure, applications, and data flows to design a repeatable controls testing methodology, appropriately document assessment findings, and provide mitigation recommendations in a clear and concise manner.
* Establish metrics and regular reporting/escalation mechanisms for measuring results, progress, and gaps in performance and compliance.
* Communicate plans, status, and critical issues clearly and effectively.
* Support deep dive assessments and ad-hoc data analysis requests.
A day in the life
This is a cross-functional role where you will work directly with engineers, product managers, policy and compliance specialists, and Amazon builders to define and perform comprehensive privacy control tests to evaluate the effectiveness of privacy controls in accordance with internal policies, external promises, and legal/regulatory requirements. You will use your investigative and analytical experience in combination with your technical depth to write complex test cases that represent a vast array of customer environments, interactions, and flows. You will be responsible for knowing the ins and outs of impacted systems, and ensure the impacted builders/owners follow the correct paths to compliance. You should be comfortable working in a fast-paced, rapidly evolving environment with fast delivery time, rapid iteration, and data-driven decision-making.
About the team
This role is a part of Privacy Governance, Risk, and Compliance (GRC) team within DSTP, which includes developing processes, tools, and compliance mechanisms to improve leadership decision making through an integrated view of how well D&S manages its unique set of privacy and trust risks. Our GRC team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and are building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional and enable them to take on more complex tasks in the future.
As a Senior Technical Program Manager, Privacy Controls Assurance you will be responsible for designing, conducting, and overseeing privacy controls assurance, conducting control gap assessments, identifying areas of improvement, and recommending appropriate risk reduction activities to builder teams to ensure compliance of customer data.
Key job responsibilities
* Design and implement a comprehensive and risk-based privacy controls assurance and testing program to evaluate the effectiveness and efficiency of privacy and trust controls across D&S.
* Write detailed privacy control test cases and perform comprehensive privacy control assessments to evaluate the design and operating effectiveness of privacy controls in accordance with internal policies, external promises, and legal/regulatory requirements.
* Test and evaluate privacy controls to identify drifts and quantify risk to be delivered through proactive compliance reporting to support internal policies, external promises, and legal/regulatory requirements.
* Collaborate with cross-functional teams to identify, assess, and prioritize privacy control weaknesses and collaborate with control owners to develop risk mitigation plans for control improvement.
* Proactively revise tests, making them flexible, specific, and repeatable so they better expose gaps in complex privacy controls, policies, standards, promises, and procedures.
* Stay up to date with emerging privacy risks, threats, vulnerabilities, and evolving privacy controls assurance and testing frameworks to ensure appropriate residual risk calculations.
* Coordinate with product and engineering teams to automate tests using internal and open source tools & infrastructure.
* Develop a deep understanding of D&S’ infrastructure, applications, and data flows to design a repeatable controls testing methodology, appropriately document assessment findings, and provide mitigation recommendations in a clear and concise manner.
* Establish metrics and regular reporting/escalation mechanisms for measuring results, progress, and gaps in performance and compliance.
* Communicate plans, status, and critical issues clearly and effectively.
* Support deep dive assessments and ad-hoc data analysis requests.
A day in the life
This is a cross-functional role where you will work directly with engineers, product managers, policy and compliance specialists, and Amazon builders to define and perform comprehensive privacy control tests to evaluate the effectiveness of privacy controls in accordance with internal policies, external promises, and legal/regulatory requirements. You will use your investigative and analytical experience in combination with your technical depth to write complex test cases that represent a vast array of customer environments, interactions, and flows. You will be responsible for knowing the ins and outs of impacted systems, and ensure the impacted builders/owners follow the correct paths to compliance. You should be comfortable working in a fast-paced, rapidly evolving environment with fast delivery time, rapid iteration, and data-driven decision-making.
About the team
This role is a part of Privacy Governance, Risk, and Compliance (GRC) team within DSTP, which includes developing processes, tools, and compliance mechanisms to improve leadership decision making through an integrated view of how well D&S manages its unique set of privacy and trust risks. Our GRC team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and are building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional and enable them to take on more complex tasks in the future.
Confirm your E-mail: Send Email
All Jobs from Amazon.com