Risk Manager, AWS Risk Management
Amazon · Arlington, VA · Finance & Accounting
director
finance
Risk Analyst
hybrid
· Posted Mar 30, 2026
$74,200 – $129,800
USD per year
Skills
We are seeking an experienced Risk Manager to join the Risk Management Excellence (RMX) team at AWS. This role is responsible for managing Compliance and Security Assurance (CSA) requests and regulatory inquiries, serving as the primary point of contact for interpreting, scoping, and responding to audit and regulatory demands across a complex global risk landscape. The ideal candidate brings deep familiarity with Enterprise Risk Management (ERM) and Third-Party Risk Management (TPRM) frameworks, and a nuanced understanding of the regulatory regimes that govern AWS operations worldwide.
Key job responsibilities
Serve as the primary owner for inbound customer audit requests and regulatory inquiries, ensuring responses are accurate, appropriately scoped, and delivered on time. Interpret audit and regulatory requests through the lens of AWS's ERM and TPRM programs to ensure responses are neither over-disclosed nor under-responsive. Maintain working knowledge of key regulatory regimes impacting AWS globally, including DORA (EU), UKCTP (UK), and FBAs (US), and any regime requiring ERM or TPRM program involvement. Own end-to-end tracking of all active audit and regulatory requests, maintaining a centralized log with status, owners, deadlines, and escalation flags. Drive accountability across stakeholders through structured project management practices. Collaborate cross-functionally with Legal, Compliance, Security, and Finance teams to gather and validate response content. Identify patterns across audit requests to surface systemic risks or documentation gaps, and contribute to the development of reusable response frameworks to improve efficiency and consistency.
A day in the life
You'll triage incoming customer audit requests and regulatory inquiries, assessing each against AWS's ERM and TPRM programs to determine scope and stakeholders. You'll collaborate with Legal, Compliance, Security, and Finance teams to finalize responses to regulators and customers, ensuring precision and appropriate disclosure. You'll maintain a centralized tracking log, escalating complex or time-sensitive requests as needed. You'll deep-dive into program documentation to craft response templates and identify process improvements. You'll monitor regulatory developments globally to stay ahead of emerging requirements that could impact AWS's audit response posture.
About the team
The Risk Management Excellence (RMX) team within AWS FGBS serves as the central hub for enterprise risk management across AWS. We partner with Legal, Compliance, Security, Finance, and business teams to ensure coordinated risk management at scale. The team is collaborative, intellectually curious, and committed to operational excellence. You'll work alongside risk managers, compliance specialists, and program managers building scalable risk frameworks in one of the world's most dynamic and regulated technology environments. This is a high-visibility role with direct impact on AWS's regulatory relationships and customer trust.
- 6+ years of compliance, audit or risk management experience
- Experience in auditing, risk management, compliance, program management, or quality management systems
- Experience managing multiple projects and meeting aggressive deadlines
- Experience in written and verbal communication with the ability to present complex technical information in a clear and concise manner to executives and non-technical leaders
- Demonstrated understanding of ERM and/or TPRM frameworks
- Experience with SQL and Excel
- Experience with IT compliance and risk management requirements (e.g. security, privacy, SOX, HIPAA etc.)
- Experience with cloud, server or infrastructure technologies and business models
- CISSP, CISA, CISM or other security certification
- Familiarity with one or more of the following regulatory regimes: DORA, UKCTP, US Federal Banking Agency requirements, or equivalent financial services regulations
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
USA, VA, Arlington - 74,200.00 - 129,800.00 USD annually
USA, WA, Seattle - 82,700.00 - 129,800.00 USD annually
Key job responsibilities
Serve as the primary owner for inbound customer audit requests and regulatory inquiries, ensuring responses are accurate, appropriately scoped, and delivered on time. Interpret audit and regulatory requests through the lens of AWS's ERM and TPRM programs to ensure responses are neither over-disclosed nor under-responsive. Maintain working knowledge of key regulatory regimes impacting AWS globally, including DORA (EU), UKCTP (UK), and FBAs (US), and any regime requiring ERM or TPRM program involvement. Own end-to-end tracking of all active audit and regulatory requests, maintaining a centralized log with status, owners, deadlines, and escalation flags. Drive accountability across stakeholders through structured project management practices. Collaborate cross-functionally with Legal, Compliance, Security, and Finance teams to gather and validate response content. Identify patterns across audit requests to surface systemic risks or documentation gaps, and contribute to the development of reusable response frameworks to improve efficiency and consistency.
A day in the life
You'll triage incoming customer audit requests and regulatory inquiries, assessing each against AWS's ERM and TPRM programs to determine scope and stakeholders. You'll collaborate with Legal, Compliance, Security, and Finance teams to finalize responses to regulators and customers, ensuring precision and appropriate disclosure. You'll maintain a centralized tracking log, escalating complex or time-sensitive requests as needed. You'll deep-dive into program documentation to craft response templates and identify process improvements. You'll monitor regulatory developments globally to stay ahead of emerging requirements that could impact AWS's audit response posture.
About the team
The Risk Management Excellence (RMX) team within AWS FGBS serves as the central hub for enterprise risk management across AWS. We partner with Legal, Compliance, Security, Finance, and business teams to ensure coordinated risk management at scale. The team is collaborative, intellectually curious, and committed to operational excellence. You'll work alongside risk managers, compliance specialists, and program managers building scalable risk frameworks in one of the world's most dynamic and regulated technology environments. This is a high-visibility role with direct impact on AWS's regulatory relationships and customer trust.
Basic Qualifications
- Bachelor's degree or equivalent- 6+ years of compliance, audit or risk management experience
- Experience in auditing, risk management, compliance, program management, or quality management systems
- Experience managing multiple projects and meeting aggressive deadlines
- Experience in written and verbal communication with the ability to present complex technical information in a clear and concise manner to executives and non-technical leaders
- Demonstrated understanding of ERM and/or TPRM frameworks
Preferred Qualifications
- Professional auditing qualification, or similar risk or compliance credentials- Experience with SQL and Excel
- Experience with IT compliance and risk management requirements (e.g. security, privacy, SOX, HIPAA etc.)
- Experience with cloud, server or infrastructure technologies and business models
- CISSP, CISA, CISM or other security certification
- Familiarity with one or more of the following regulatory regimes: DORA, UKCTP, US Federal Banking Agency requirements, or equivalent financial services regulations
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.
USA, VA, Arlington - 74,200.00 - 129,800.00 USD annually
USA, WA, Seattle - 82,700.00 - 129,800.00 USD annually