DESCRIPTION

Whole Foods Market is synonymous with impeccable standards and the highest quality products available. Our Information Technology team is looking for talented individuals to help drive the Information Security organization to help protect our data, our Team Members, and most importantly, our customers.

This organization owns the end-to-end security of all systems and data across Whole Foods Market. You should be highly passionate about application security, vulnerability analysis/assessment, penetration testing, and remediation. The ideal candidate has a background in product security engineering or application security research, and can discover SQL injection vulnerabilities and write XSS exploits, but would rather talk about vulnerabilities than find them.

Are you skilled at helping customers and partners prioritize and understand their risk requirements and translate those insights to decision makers? Can you lead the discussion and collaborate with system owners on risk remediation activities? Do you have the discipline to deliver results when the going gets ambiguous? Are you ready to do all this on a massive scale, with a strong passion for ownership and accountability?

We are seeking an experienced Sr. Technical Program Manager in the Information Security domain to develop, expand, and drive the structure, processes, programs, and interactions needed for a successful technical risk management program. You’ll be a critical part of an organization focused on positively influencing the security culture, with the ultimate goal of reducing information security risk.

This position is based in Austin, TX.

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.

BASIC QUALIFICATIONS

· Bachelor’s degree or Master’s degree in Computer Science or Information Security, or equivalent industry experience
· 6+ years of Technical Program Management experience
· 8+ years of experience working in the field of Information Security or Risk Management
· Demonstrated experience with project and stakeholder management
· Understanding of information security, privacy frameworks, and compliance requirements
· Technical knowledge in multiple security domain areas such as applications, system and network security, authentication, and security protocols
· Security knowledge on current threats, trends, and mitigations
· Skilled in risk management, technical risk analysis, and making complex business/risk trade-off recommendations and decisions
· Demonstrated ability to work through ambiguity to detailed solutions
· Maturity, judgment, and proven ability to lead and influence others
· Independently driven, resourceful, and able to deliver results with minimal direction
· Ability to communicate clearly and effectively with engineering, product management, and senior business leaders
· High sense of ownership, urgency, and drive

PREFERRED QUALIFICATIONS

· Senior-level written and verbal communication skills
· Excellent leadership, teamwork and collaboration skills
· Experience in generating automated metrics to measure IT security effectiveness and consistency
· Experience with service-oriented architectures and web services security
· Experience with AWS-specific technologies
· Experience with reviewing threat assessments