Risk Manager, Vendor Security
Amazon · Bangalore, India · Finance & Accounting
director
finance
Risk Analyst
hybrid
· Posted Mar 31, 2026
Do you want to be instrumental in the success of some of Amazon’s strategic and high impact projects and programs. Risk Manager, Vendor Security works as an individual contributor, capable of contributing to the delivery of technical global programs and projects, managing stakeholders, assessing the security risk of vendors by partnering with multiple stakeholders to ensure vendors meet Amazon’s security bar. This highly visible and challenging position is self-driven, project and compliance focused, and goal oriented, with the objective of delivering business solutions that meet stakeholder needs.
The team is part of FGBS, with members based in several different countries. The team function sits within FORGE and as such, this position will work with leadership in FinOps, Vendor Management, Compliance & Controllership, and tech teams within FinOps to build and deliver high impact global programs and projects.
Key job responsibilities
• Security Assessments: 1) Acting as subject matter expert on technology implementation, changes and risk-based security reviews and assessments. 2) Performing security reviews, remediating risk and exception management 3) Collecting/reviewing data from multiple sources to assess a third party's security. 4) Building, evolving, and improving sustainable processes and measurement systems to ensure that security policy requirements are maintained. 5) Serving as an advisor on security & compliance issues for tech and operations team
• Internal project and program management: Contribute to technical global projects from annual program roadmaps and/or as part of ad-hoc requests from stakeholders. This includes all end to end stages of project management, from business requirements gathering and scoping to change management and delivery.
• Vendor-facing project management: Work with external vendors on global projects, ensuring Amazon FinOps business needs are met while also balancing business & risk agreements between all stakeholders and / or customers.
• Reporting: Prepares reports on given cadences to share status of ongoing projects, programs, and goals completion/progress (i.e. MBR, QBR, monthly updates, etc.)
• Goals and roadmap planning: Provide input on the creation of annual program roadmaps and goals supported by the team
• Stakeholder management: Manage communication with both internal and external stakeholders and support them through the delivery of projects
• Documentation: Provide support on creation of standard operation procedures (SOP), frameworks, and project documentation, among others
- Bachelor's degree or equivalent
- 5+ years of any combination of the following: application security frameworks, identity and access controls, incident response, mobile security, cloud computing and security, AI security, threat intelligence, and penetration testing experience
- Experience in change/stakeholder management and project documentation (i.e. contributing to project playbooks, building schedules, managing issues/risks, establishing communication plans and stakeholder engagement, among others)
- Experience with SQL and Excel
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.
The team is part of FGBS, with members based in several different countries. The team function sits within FORGE and as such, this position will work with leadership in FinOps, Vendor Management, Compliance & Controllership, and tech teams within FinOps to build and deliver high impact global programs and projects.
Key job responsibilities
• Security Assessments: 1) Acting as subject matter expert on technology implementation, changes and risk-based security reviews and assessments. 2) Performing security reviews, remediating risk and exception management 3) Collecting/reviewing data from multiple sources to assess a third party's security. 4) Building, evolving, and improving sustainable processes and measurement systems to ensure that security policy requirements are maintained. 5) Serving as an advisor on security & compliance issues for tech and operations team
• Internal project and program management: Contribute to technical global projects from annual program roadmaps and/or as part of ad-hoc requests from stakeholders. This includes all end to end stages of project management, from business requirements gathering and scoping to change management and delivery.
• Vendor-facing project management: Work with external vendors on global projects, ensuring Amazon FinOps business needs are met while also balancing business & risk agreements between all stakeholders and / or customers.
• Reporting: Prepares reports on given cadences to share status of ongoing projects, programs, and goals completion/progress (i.e. MBR, QBR, monthly updates, etc.)
• Goals and roadmap planning: Provide input on the creation of annual program roadmaps and goals supported by the team
• Stakeholder management: Manage communication with both internal and external stakeholders and support them through the delivery of projects
• Documentation: Provide support on creation of standard operation procedures (SOP), frameworks, and project documentation, among others
Basic Qualifications
- 3+ years of compliance program management, legal, governance, audit, risk/loss prevention, or equivalent experience- Bachelor's degree or equivalent
- 5+ years of any combination of the following: application security frameworks, identity and access controls, incident response, mobile security, cloud computing and security, AI security, threat intelligence, and penetration testing experience
- Experience in change/stakeholder management and project documentation (i.e. contributing to project playbooks, building schedules, managing issues/risks, establishing communication plans and stakeholder engagement, among others)
Preferred Qualifications
- Professional auditing qualification, or similar risk or compliance credentials- Experience with SQL and Excel
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.