As a member of the Workplace Privacy Artificial Intelligence (AI) Review team, you will play a key role in operationalizing privacy across Amazon’s global employee, candidate, and contingent worker populations. This includes engaging with multiple stakeholders across the enterprise to help ensure compliant outcomes. You will be responsible for consulting with key stakeholders to drive alignment with global privacy and AI regulatory requirements, including GDPR.
In the execution of Amazon’s global privacy obligations, you will rely heavily on your subject matter expertise, as well as your case management, analytical, and relationship building skills to develop and deploy innovative strategies for data protection within AI enabled tools. The identified candidate will demonstrate proven experience to: support diverse stakeholders; evaluate control effectiveness within AI; understand levels of potential risk and how to address them; provide in-depth consultation; and have the ability to synthesize diverse data to identify patterns, draw conclusions, and prioritize remediation efforts using risk management concepts. Excellent writing skills are required as the output for this role will be documentation that aligns to privacy regulations worldwide.
The ‘day-to-day’ aspect of this role will be to review third party and internal Amazon AI applications for compliance with global privacy obligations and best practices. As part of this you will provide proactive guidance for upcoming tech builds and roadmaps, work with senior leaders on acceptable business risk when applicable, and track remediation actions as needed. You will be responsible for knowing the privacy risks of systems, and ensure the system owners follow the correct paths to full compliance. After reviewing each system, you will be responsible for creating a Data Protection Impact Assessment (DPIA) and Record of Processing (RoP) for regulatory need.
Key job responsibilities
Key Responsibilities Include
- Consult with global legal, research science, applied science, information security, and HR policy, process, vendor, and application owners to ensure that sound protocols are in place to mitigate privacy risks unique to AI, including model bias testing and feature attribution.
- Monitor known and emerging risks, measure internal control effectiveness, and develop and own action items to remediate identified risk issues.
- Socialize and secure commitment for remediation and risk management strategies.
- Develop deep knowledge of employee privacy obligations and data privacy processes and solutions utilized by Amazon.
- Assess areas for AI privacy program improvement and implement solutions.
- Consult on the development of business requirements for new system and model implementations and enhancements.
- Draft written narratives to communicate obligations, risk analyses, and recommendations.
- Inventory risk and compliance obligations in a governance, risk and compliance (GRC) system framework.
- Prepare other supporting documentation such as best practice blueprints for teams deploying AI.
- Respond to questions and troubleshoot issues.
- Manage other risk and compliance related projects as needs arise.
- Ability to travel up to 10% including international destinations.
The successful candidate leverages their background in compliance, engineering, data protection, data science, human resources, data governance, and/or data modelling to implement privacy controls across the internal technology ecosystem.
Basic Qualifications
- Experience in a privacy, data science, or risk management role
- BA/BS degree or equivalent experience
- Experience with GDPR, CCPA, and familiarity with emerging AI regulation
Preferred Qualifications
- Experience in privacy engineering, technical privacy review, software engineering, or data science
- Advanced degree in a related area (CS or MBA)
- Relevant certifications such as CIPT, CIPP/E, CIPP/US, AWS CCP, or AWS Certified Machine Learning
- Experience working in a global, large-scale, complex, and fast-paced environment
- Ability to work in an ambiguous environment and drive forward results
- Experience Coding in Python, PHP, Java, C/C++ (or equivalent language) including code maintenance and review
- Problem solver, able to troubleshoot issues independently or escalate when necessary; sense of accountability and sound professional judgment
- Proven analytical capabilities; experience with large amounts of data and in developing audit reports, metrics, and reporting mechanisms
- Experience defining technical requirements and specifications, writing policy, and adapting requirements to technical and business needs
- Excellent written and verbal communication skills
