Security Jobs

Come be a part of a rapidly expanding $35 billion-dollar global business. At Amazon Business, a fast-growing startup passionate about building solutions, we set out every day to innovate and disrupt the status quo. We stand at the intersection of tech & retail in the B2B space developing innovative purchasing and procurement solutions to help businesses and organizations thrive. At Amazon Business, we strive to be the most recognized and preferred strategic partner for smart business buying. Bring your insight, imagination and a healthy disregard for the impossible. Join us in building and celebrating the value of Amazon Business to buyers and sellers of all sizes and industries. Unlock your career potential.

The Amazon Business Global Integrations team is seeking an innovative, results-oriented Program Manager specializing in Risk, Security, and Privacy for Integration Security. This role will focus on ensuring the security, compliance, and trustworthiness of our integration ecosystem across AppCenter, Punchout, Ordering, APIs and eInvoicing solutions. The vision is to make Amazon Business integrations a trusted, secure platform where business customers can confidently connect third-party applications while maintaining the highest standards of data protection and risk mitigation.

This role is a core part of App Center Operations, responsible for defining and enforcing the privacy, security, and operational readiness standards required for third-party and partner applications to integrate with Amazon Business. App Center Operations ensures that integrations meet consistent governance expectations across data handling, workflow behavior, launch readiness, and post-launch operations, protecting customer trust at scale. This role is accountable not only for audit execution, but for defining the operating model, governance processes, and readiness standards that enable Amazon Business to scale third-party integrations safely and consistently.

• Security Program Management – owning and executing end-to-end security and privacy audit processes for all integration channels, establishing baseline security expectations, and maintaining consistent review standards across the partner ecosystem.
• Partnership Risk Management – working closely with Solution Architect (SA) teams as a security specialist to evaluate, onboard, and monitor technical partners while ensuring they meet Amazon's security standards and compliance requirements.
• Cross-functional Security Leadership – driving security initiatives across Product, Engineering, Legal, and Operations teams to identify vulnerabilities, mitigate risks, and enhance the overall security posture of our integration platforms.

We expect this individual to operate across distributed, cross-functional organizations, with a mix of strategic security planning and tactical risk mitigation execution. This role is accountable for end-to-end execution and outcomes of the security and privacy audit program, while partner teams provide subject-matter expertise and guidance. This role will be highly visible at senior levels of Amazon Business.

• Own end-to-end security and privacy audit process for all apps and integrations across AppCenter, Punchout, Ordering, and eInvoicing; establish baseline security expectations and maintain central audit tracker as system of record.
• Define, document, and continuously evolve App Center security, privacy, and operational readiness processes, including standard intake workflows, security questionnaires, audit frameworks, and risk classification models; ensure these processes are scalable, repeatable, and consistently applied across all integration channels.
• Conduct comprehensive risk assessments for new and existing partners, analyzing architecture diagrams, data flows, security documentation, and privacy policies to identify vulnerabilities and compliance gaps.
• Make approval decisions (approve, approve with conditions, or block) and manage remediation tracking with clear timelines; ensure security approval is required launch gate for all net-new apps.
• Coordinate with SA Org for technical security assessments and Legal for privacy/compliance reviews; manage escalations and incident response for security breaches.
• Ensure partners comply with data protection regulations (GDPR, CCPA), implement secure authentication (OAuth), encryption, least-privilege access, and documented retention policies.
• Establish and maintain App Center Operations systems of record, security monitoring mechanisms, and metrics (audit turnaround time, approval rates, post-listing escalations); define and publish security, privacy, and operational readiness playbooks and SOPs used across Product, SA, QA, and Support teams.
• Establish clear engagement models and handoff points between App Center Operations, Solution Architecture, Quality Assurance, and Support Engineering to ensure governance checks are integrated into design reviews, testing cycles, launch approvals, and post-launch support workflows.
• Prepare and deliver regular security business reviews to senior management on risk posture, metrics, and strategic investments; create repeatable, scalable processes with standard tools.
• Partner with Product, Legal, Marketing, and SA teams to align security roadmap with business objectives and identify emerging security threats.
• Make delisting recommendations when partners fail remediation or unacceptable customer risk exists; balance security rigor with business velocity.
• Define and own operational readiness criteria for AppCenter and integration partners, including launch gating requirements related to support readiness, incident response expectations, data lifecycle management, and escalation paths across Security, Support Engineering, and Product teams.

• 2+ years of program or project management experience.
• 2+ years of defining and implementing process improvement initiatives using data and metrics experience.
• Knowledge of Excel (Pivot Tables, VLookUps) at an advanced level and SQL.
• Experience using data and metrics to determine and drive improvements.
• Experience working cross functionally with tech and non-tech teams.

• 3+ years of driving end to end delivery, and communicating results to senior leadership experience.
• 3+ years of driving process improvements experience.
• Experience in stakeholder management, dealing with multiple stakeholders at varied levels of the organization.
• Experience building processes, project management, and schedules.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Posted: January 16, 2026 (Updated about 2 hours ago)

Posted: December 5, 2025 (Updated about 3 hours ago)

Posted: January 29, 2026 (Updated about 11 hours ago)

Posted: January 12, 2026 (Updated about 11 hours ago)

Posted: January 23, 2026 (Updated about 18 hours ago)

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.