Physical Soc Manager, Aws Security

Job ID : 2696757 | Amazon Web Services Australia Pty Ltd

Amazon Web Services (AWS) is the leading cloud service provider, providing virtualised infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises to large government customers, run their operations and applications on AWS’ highly secure infrastructure.

AWS Security is looking for a Security Manager - Physical (i.e. Physical Security Manager) to lead and manage the design, development and the implementation of a Physical Security Operations Centre (PSOC). From certification, accreditation, assurance and authorisation activities across the security program. This role will establish and execute the overall strategy to operationalise the PSOC capability from the concept phase through to the operations phases.

Key job responsibilities

• Provide risk, threat, and vulnerability management subject matter expertise to support the AWS Security leadership and other security teams – governance, personnel, information, logical and physical.
• Direct and oversee the management of Physical / Protective Security Risk, Threat, and Vulnerability Management.
• Manage and implement an effective protective security risk, threat and vulnerability management plan, schedule, and roadmap, including stakeholder engagement and support, processes, and documentation.
• Management and implement protective security risk, threat, and vulnerability deliverables – e.g. internal and external audit items, security deliverables annual PSPF Self-assessment and ASD Cyber Survey.
• Preparation of executive level presentation packs, briefings, papers and reports to various internal and external governance bodies and stakeholders.
• Develop, oversee, and review protective security policies, procedures, processes, guidelines, forms and templates relating to protective security and day to day protective security operations.
• Identify vulnerable processes and systems and provide advice and support for the remediation of security risk and reduce exposure to security threats to support the rollout of new assets.
• Engage with and work collaboratively with stakeholders across the AWW and externally, in relation to risk, threat and vulnerability management obligations, e.g. PSPF and ASD Cyber Survey (Essential 8).

Hold or be able to attain an Australian Government Security Vetting Agency clearance (see here).

A day in the life

In your day-to-day you will need to exercise sound judgment in making trade-offs between short versus long term security and business goals. You will demonstrate resilience and navigate difficult situations with composure and tact, with a goal to achieve a great outcome for the customer. You will be successful in this role by regularly analysing your own performance with a critical eye. A broad understanding of the AWS business and its interconnections is required. This position will also provide training, advice, and mentorship to other teams throughout AWS.

About the team

Diverse Experiences

Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.

Why Amazon Security

At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon’s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.

The team is comprised of security professionals with a cross section of national security and private sector experience, providing a range of perspectives required for creative problem solving. We value diversity of thought, creativity, and a strong Bias for Action and Earn Trust. We believe that there are no "perfect" security solutions and we develop and iterate using a continuous improvement process.

Work / Life Balance

We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve.

Inclusive Team Culture

In Amazon Security, it’s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.

Training and Career growth

We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.

BASIC QUALIFICATIONS

• 6+ years experience working in areas related to PSOC, or public sector agencies involved in physical security management.
• Proficient with government security frameworks, policies and standards (e.g. PSPF, ISM, DSPF. ASD Essential Eight).
• Minimum 5 years experience in implementing and operationalising security to meet business outcomes.
• Strong communication skills with the ability to produce detailed and complex written business cases.

PREFERRED QUALIFICATIONS

• Degree or equivalent experience in (Computer Science, Engineering, Cyber Security, IT Security Management, Security Risk Management) a related security field.
• Proven ability to not only influence but lead business partners and supporting teams.
• Ability to credibly coordinate between technical teams and business stakeholders.