Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate.



Security and privacy have never been more top of mind than it is today. Governments around the world are passing new legislations and enforcement of new tech regulations are increasing at a fast pace. Are you interested in cybersecurity and privacy compliance? Do you have experience in leading complex and cross-functional programs that ensure compliance with global cybersecurity and privacy regulations? If so, we have an exciting opportunity for you!



The Microsoft Security Compliance Program team educates and empowers the Microsoft Security organization to meet these regulations and build customer trust. The Compliance Program team ensures that Security products and services comply with Microsoft cybersecurity and privacy requirements while also leading efforts to deliver enterprise-wide cutting-edge compliance solutions.



We are looking for an experienced Principal Compliance Technical Program Manager to help grow and manage this team. This role provides you with the leadership opportunity to effect change that will have market-wide impacts. As the manager of a team of Compliance Technical Program Managers, you will be accountable for establishing a new Compliance program for the Security Division



The candidate could have an engineering or compliance background, understanding of engineering best practices, and experience in raising the quality of existing solutions. This candidate needs to have demonstrated written and verbal communication, an understanding for technology, experience providing guidance and direction to technical audiences, ability to drive towards the “big picture” while managing details, and the ability to build relationships with key partners.

Responsibilities

• Manage a team of subject matter experts (SME) in cybersecurity, privacy, and regulatory compliance to support our engineering partners via a hub and spoke model to deliver world-class trusted security products and services.
• Embrace a “compliance by design” mindset; proactively identify systemic gaps that should be integrated into program design and elevate them to the appropriate owners. Prevent local/one-off solutioning whenever possible.
• Understand the business priorities and strategies when it comes to training and education of security policies and engineering practices to enable durable customer trust.
• Work with security teams to help them navigate and meet regulatory requirements, ensuring the organization achieves and maintains necessary certifications ((e.g., such as ISO/IEC 27x, FedRAMP, SOC, PCI DSS, HIPPA)
• Provide guidance and support to internal teams on compliance-related matters, including policy development, risk management, and incident response.
• Coordinate response and evidence gathering in response to external auditors and regulators to facilitate compliance assessments and certifications.
• Lead cross-functional teams to address compliance-related issues and drive continuous improvement in the organization's compliance posture.
• Stay up to date with the latest regulatory changes and industry best practices and ensure the compliance program is continuously updated to reflect these changes.
• Conduct regular assessments to ensure compliance with relevant regulations and standards.
• Accountable for delivery of measurement frameworks, processes, and maturity models to both understand and improve the bar of technical compliance across the portfolio that meets needs of the rhythm of business with exec leadership.
• Monitor and report on the effectiveness of the compliance program, identifying areas for improvement and implementing corrective actions as needed.
• Serve as a subject matter expert on compliance and regulatory matters, providing strategic advice and guidance to senior leadership.
• Coordinate with other privacy, compliance, and risk management leaders in the company to ensure Microsoft Security’s programs are aligned and partner closely with governance owners, including Privacy Regulatory Affairs and Corporate External Legal Affairs Front Line.
  
  

Qualifications

Required/minimum qualifications

• Bachelor's Degree AND 6+ years experience in engineering, product/technical program management, data analysis, or product development OR equivalent experience.
• 3+ years of experience managing cross-functional and/or cross-team projects.
  
  

Other Requirements

The ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Additional Or Preferred Qualifications

• Bachelor's Degree AND 10+ years experience in engineering, product/technical program management, data analysis, or product development OR equivalent experience.
• 8+ years of experience managing cross-functional and/or cross-team projects.
• 1+ year(s) of experience reading and/or writing code (e.g., sample documentation, product demos).
• Experience with and awareness of emerging privacy and data governance related regulations.
  
  

Technical Program Management IC5 - The typical base pay range for this role across the U.S. is USD $137,600 - $267,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $180,400 - $294,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until October 8, 2024.

#MSFTSecurity #MSFTCompliance #SHPE24MSFT

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.