포지션 상세
Amazon obsesses over customers; delivering results for customers is what we do. We are looking for independent, passionate, and deeply experienced professionals in the Security, Compliance and Assurance domain to provide depth in assisting our partners, customers and their stakeholders to understand and address their security, regulatory and compliance requirements in moving their sensitive workloads and heavily regulated data into the cloud. This candidate for the AWS Korea CISO position should be a technically experienced and innovative security/compliance professional who has the ability to handle a wide range of regulatory, government security, and privacy requirements.
• Anticipate new or potential domestic and regional laws and regulations for potential impact to AWS and our customers, and develop appropriate mitigation and implementation approaches in Korea
• Escalate and manage escalations as necessary
• Develop and execute long-term regulatory projects and initiatives, which may have broad scope and complexity, for AWS and AWS' regulated customers
• Create, optimize, and support cross-functional groups and projects
• Prepare project plans and track projects through fruition
• Support metrics, implement data collections mechanisms, analyze data and make recommendations
• Drive compliance with Korean regulations and integrate these controls with global AWS standards, practices, and policies
• Deliver industry standard and regulatory audits personally alongside peers
• Speak, write, and read fluently in English
• 10+ years working in the field of Computer Science, Engineering, Cyber Security, IT Security Management
• 5+ years working directly in a Security organization overseeing data protection policies and mechanisms
• 5+ years of experience working directly with government officials and/or company executives on financial regulatory, technology, or related policy issues
• At least 4 years of experience in the field of 'data protection'; OR at least 5 years of combined experience in 'information technology' and/or 'data protection' with at least 2 years in 'data protection' (per Korean CISO qualification requirements under 정보통신망 이용촉진 및 정보보호 등에 관한 법률)
• Prior experience in industry standard third party audits (e.g. SOC, PCI, ISO) and/or Korean regulatory audits (e.g. MSIT, RSEFT, CSAP)
주요업무
• Serve as regulatory expert to AWS, customers, auditors, and regulators on regional and domestic regulations on outsourcing, cybersecurity, and operational resilience in the industry• Anticipate new or potential domestic and regional laws and regulations for potential impact to AWS and our customers, and develop appropriate mitigation and implementation approaches in Korea
• Escalate and manage escalations as necessary
• Develop and execute long-term regulatory projects and initiatives, which may have broad scope and complexity, for AWS and AWS' regulated customers
• Create, optimize, and support cross-functional groups and projects
• Prepare project plans and track projects through fruition
• Support metrics, implement data collections mechanisms, analyze data and make recommendations
• Drive compliance with Korean regulations and integrate these controls with global AWS standards, practices, and policies
• Deliver industry standard and regulatory audits personally alongside peers
자격요건
• Speak, write, and read fluently in Korean• Speak, write, and read fluently in English
• 10+ years working in the field of Computer Science, Engineering, Cyber Security, IT Security Management
• 5+ years working directly in a Security organization overseeing data protection policies and mechanisms
• 5+ years of experience working directly with government officials and/or company executives on financial regulatory, technology, or related policy issues
• At least 4 years of experience in the field of 'data protection'; OR at least 5 years of combined experience in 'information technology' and/or 'data protection' with at least 2 years in 'data protection' (per Korean CISO qualification requirements under 정보통신망 이용촉진 및 정보보호 등에 관한 법률)
• Prior experience in industry standard third party audits (e.g. SOC, PCI, ISO) and/or Korean regulatory audits (e.g. MSIT, RSEFT, CSAP)
