Description Are you an Information Technology (IT) Risk Manager ready for a step-up role with within Amazon’s unique IT environment? We are looking for an experienced IT Risk Manager within the First Line of Defense (1LoD) to enhance our IT risk management and control environment. Reporting to the Senior IT Risk Manager, the successful candidate will contribute to the development of a 1st Line IT Risk program across Amazon global regulated entities. The ideal candidate must have IT risk management experience, preferably, within the payments or financial services sector. Key job responsibilities • Support the Global Technology Officer (GTO) to attest compliance with the Global IT Risk Management Framework and legal entity regulatory requirements. • Design and implement IT risk controls, mitigation strategies, and remediation plans. • Establish IT risk management policies and procedures, ensure their implementation. • Define key risk indicators (KRIs), key performance indicators (KPIs) and SLAs for IT risk management. • Test critical applications to ensure resilience and recovery objectives set by the regulated entities are met. • Perform risk based deep dives to identify and understand IT risk drivers and to validate root causes of IT related loss events. • Contribute to risk assessment of third-party IT service providers. • Support in conduct Business Impact Analysis (BIA) to identify and classify critical IT services and systems. Basic Qualifications - Degree in Computer Science, IT, Engineering, related technical field or equivalent combination of education and relevant work experience. - Experience in enterprise risk management (ERM), regulatory compliance, and strategic risk oversight. - Experience in IT compliance, IT audit or IT risk management. - Experience building cross-functional partnerships and influencing stakeholders across the organization to act without having a direct reporting relationship. - A minimum of 7 years’ experience in technology risk, technology audit, within a financial institution, licensed money transmitter, or payments related e-commerce function. - A good understanding of IT risk and control frameworks: COBIT, NIST, ISO 27001, ITIL or equivalent. - Understanding of SDLC. Preferred Qualifications - Certified Information Systems Auditor (CISA) or equivalent IT auditing and risk certification. - Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP) or equivalent IT Risk, Governance, Security Strategy certification. - Digital transformations experience to drive process improvements. - A good understanding of regulatory landscape (CSSF, DORA, EBA, NIS2, SOC 2) - Experience with cloud platforms risk management, cloud security, and compliance, including IAM, cloud incident response, and resilience testing. - Master's degree or equivalent. Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( https://www.amazon.jobs/en/privacy\_page ) to know more about how we collect, use and transfer the personal data of our candidates. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.