Sr. IT Risk Manager, Risk and Compliance Solution

Sr. IT Risk Manager, Risk and Compliance Solution

Job ID: 2855481 | Amazon Payments UK Limited

Amazon Payments is growing fast and the Regulated Payments Risk team is building out Risk Management support for our regulated payments products across the globe. We’re looking for a seasoned IT Risk manager to help continue to drive maturity in our IT Risk programs and controls. This role will look at EU, UK, MENA, NA and SA regulatory jurisdictions and payments products at Amazon to ensure a multi-disciplinary IT risk management function. We want someone ready to partner across our technology and security engineering groups to identify and manage areas of risk. The right person will get the opportunity to leverage and grow your technology risk skills, expand your knowledge and work within a fast-paced and exciting environment.

Key Responsibilities

1. Risk Management Expert: Experienced specialist in information technology risk management, including cybersecurity principles, cloud strategies, payment technologies (preferable) and IT operational processes.
2. Risk Appetite: Oversee risk appetite metrics, KRIs, and other monitoring to ensure Risk Tolerances are appropriately monitored in each region.
3. Risk Position and Profile: Implement detailed, data-driven narratives to inform leadership of risk profile related to a variety of IT Risk and Security topics. Conduct risk assessments. Provide risk position and challenge on new products, changes, and risk remediation efforts.
4. Regulatory Awareness: Apply expert risk-based guidance on adherence to Information Technology and Cybersecurity risk-related regulations from the CSSF, FCA, NYDFS, and other applicable regulatory bodies.
5. Influencer: Build and maintain relationships with key business and operational stakeholders, serving as a credible challenger regarding Amazon Payments Information Technology and Cybersecurity Risk treatment.
6. Provide credible challenge across all information, technology, and cybersecurity risks both enabling business growth while maintaining related risks within appetite.
7. Influence global payments technology risk management policies and frameworks to ensure requirements for regulations are met. Update global IT risk policies in each region by supporting policies and ensuring compliance with standards.
8. Oversee and drive first line remediation of IT exceptions which are outside of risk appetite.
9. Assess key controls and provide IT risk and governance feedback on key projects.
10. Provide subject matter expertise in terms of best practice, ICT regulatory requirements, IT resiliency plans and risk mitigation.
11. Maintain strong relationships with key technology teams and work with these teams to gain a good understanding of the IT architecture to provide a view of the IT risk profile for region.
12. Review controls relating to information, technology, and cybersecurity risks.
13. Perform deep dives on technology compliance-related processes and systems.
14. Identify system limitations that could lead to regulatory risks in new products and services, and provide guidance for resolution and risk mitigation.
15. Investigate IT operational risk events and incidents, ensuring root cause analysis and remediation of controls, where required.
16. Provide advice to stakeholders regarding the remediation of IT audit findings and implementation of recommended actions.

BASIC QUALIFICATIONS

1. Experience in compliance, audit or risk management
2. Bachelor's degree or equivalent
3. Bachelor’s degree in Management Information Systems, Computer Science, or related field, or relevant industry experience
4. 7+ years of progressive experience in information security, cybersecurity, and/or privacy risk
5. Experience with regulatory requirements, financial services technology, or payments systems
6. Skilled in risk management and making complex business/risk trade-off recommendations and decisions
7. Background in security compliance, IT risk management and technical frameworks
8. Experience in analyzing large data sets
9. Understanding of system development lifecycles
10. Excellent written and verbal communication skills

PREFERRED QUALIFICATIONS

1. Master's degree or equivalent
2. Highly value payments systems experience
3. Second line risk management
4. EU/UK IT Risk experience including multiple regulatory jurisdictions
5. Relevant Industry Certifications (CISSP, CISA etc.)
6. Experience with IT risk frameworks (e.g., NIST, ISO 2700X)

Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice (https://www.amazon.jobs/en/privacy_page) to know more about how we collect, use and transfer the personal data of our candidates.

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

Posted: December 20, 2024 (Updated about 14 hours ago)