Job is more than 1 month old.
Job Details
Posted date: Aug 22, 2024
Location: Sunnyvale, CA
Estimated salary: $182,650
Range: $133,900 - $231,400
Description
Devices and Services Trust and Privacy (DSTP) is responsible for maintaining and raising the trust bar for Amazon customers across a diverse set of 30+ Devices and Services (D&S). DSTP offers horizontal services for builders to ensure trust, privacy, and accessibility is built into our products and services. We also build customer-facing capabilities that provides customers with control and transparency and reducing privacy risk, while enabling partner teams to innovate with appropriate guardrails for content moderation, privacy, accessibility, and trust.The DSTP team is seeking a Senior Technical Program Manager with privacy and data protection risk management expertise and technical program management skills to join DSTP. This position, which is part of our Trust Fundamentals Privacy Governance, Risk Management, and Compliance (GRC) team, requires detail-oriented privacy event handling as well as high-judgment decision-making from the time events are ingested in our privacy risk intake tool (Events Register) all the way to incident containment or risk mitigation. You will work with builder, engineering, product, legal, PR, Marketing. and other privacy and security teams across Amazon to handle (1) Large scale, often urgent, escalated events, (2) Create internal and external processes for incident containment, risk remediation, and escalation handling, (3) Investigate escalated events that are potentially high or critical risk to customer trust and privacy, and (4) Support post-mortem analysis of escalations to determine and propose improvements to better D&S’ privacy risk posture. In this role, you will drive continuous reporting and metrics (Flash Reports, XBRs) across DSTP Risk & Incident teams to inform stakeholders and management of key privacy and compliance trends. Your quick thinking and stakeholder management skills will be put to practical use to resolve escalations in a timely and appropriate manner by bringing drifts from customer promises, privacy policies, and legal requirements to a close.
Key job responsibilities
* Manage escalated privacy risk events/cases from start to finish; write detailed case notes, reports, summaries, short and long-term recommendations, and trade-off analyses for all audiences, including senior leadership.
* Interact with and influence other teams (e.g., service teams, engineering, product, legal); identify experts and stakeholders on other teams to support decisions on containing incidents or mitigating privacy risks; build consensus and recommendations based on analysis of the nature of potential violations to Privacy Policies, Promises, or Legal/Regulatory requirements.
* Own successful delivery of large, impactful, and highly cross-functional program initiatives while simultaneously tracking a set of smaller projects. Demonstrate comfort with handling technical investigations and analysis, and provide actionable recommendations to senior leadership audience with minimal supervision.
* Develop deep knowledge of global privacy obligations, processes, best practices, and solutions utilized by Amazon. Utilize this knowledge to provide recommendations and consultation to improve DSTP processes and tooling and reduce risk through control automation and enhancements.
* Establish metrics and regular reporting/escalation mechanisms for measuring results, progress, and gaps in performance and compliance.
* Communicate plans, status, and critical issues clearly and effectively.
* Support deep dive assessments and ad-hoc data analysis requests.
A day in the life
This is an inherently cross-functional role where you will work directly with engineers, product managers, policy and compliance specialists, legal, PR, Marketing, and other Amazon builders to help them identify, expediently contain/mitigate privacy incidents and risks, and implement a Privacy by Design and Default culture. You will use your investigative and/or analytical experience and demonstrate your prowess and experience in writing and briefing complex cases. You will track risk assessment, validation, adjudication, and remediation actions, and ensure that teams prioritize and execute those tasks in a timely fashion. You will be responsible for knowing the ins and outs of impacted systems, and ensure the impacted builders/owners follow the correct paths to compliance. You should be comfortable working in a fast-paced, rapidly evolving environment with fast delivery time, rapid iteration, and data-driven decision-making.
About the team
This role is a part of Trust Fundamentals’ Privacy GRC team within DSTP, which includes developing a set of processes, tools, and compliance mechanisms to improve leadership decision making and performance through an integrated view of how well D&S manages its unique set of privacy risks. Our GRC team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and are building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded professional and enable them to take on more complex tasks in the future.
Qualifications
- 7+ years of technical product or program management experience- 7+ years of working directly with engineering teams experience
- Experience managing programs across cross functional teams, building processes and coordinating release schedules
- Bachelor's degree in engineering, computer science or equivalent
Extended Qualifications
- 7+ years of project management disciplines including scope, schedule, budget, quality, along with risk and critical path management experience- Experience managing projects across cross functional teams, building sustainable processes and coordinating release schedules
- Experience defining KPI's/SLA's used to drive multi-million dollar businesses and reporting to senior leadership
- 7+ years of analytical, quantitative, communication, and presentations experience
- Broad understanding of cloud computing, LLM/AI/ML technology and trends, privacy regulations (e.g., GDPR, CCPA, COPPA, HIPAA), privacy GRC framework, and privacy risk management methodologies and tooling.
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $133,900/year in our lowest geographic market up to $231,400/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.
Check out other jobs at Amazon.