Microsoft's Cloud Operations & Innovation (CO+I) is the engine that powers our cloud services. As a Senior Program Manager, you will have a key role in ensuring the safe delivery of core infrastructure and foundational technologies for Microsoft's online services including Bing, Office 365, Xbox, OneDrive, and the Microsoft Azure platform. Our infrastructure is comprised of a large global portfolio of more than 100 datacenters and 1 million servers. Our foundation is built upon and managed by a team of subject matter experts working to support services for more than 1 billion customers and 20 million businesses in over 90 countries worldwide.
Are you an experienced risk management professional with a passion for technology and innovation? Want to be at the heart of Microsoft's transformation and contribute to the success of the CO+I mission? We are looking for a passionate, high energy individual to join our Cloud Infrastructure Security, Safety and Governance (CISSG) team to help protect the critical infrastructure that powers some of the world's largest online services. Within CISSG, the CO+I Risk & Resilience Office is looking for a program management professional with well-rounded experience in risk management, including risk identification and risk review/monitoring with a strong emphasis in threat/vulnerability risk assessment and mitigation strategies. This is a great opportunity for a candidate who wants to work in a dynamic environment supporting CO+I as a program manager responsible for execution of Threat Vulnerability Risk Assessment (TVRA) and Geo-Risk assessments.
This opportunity will require the successful candidate to summarize financial, legal, reputational and operational risk data at key decision points and present soundly supported comprehensive risk assessments to assist senior management in making well-informed decisions. Our organization manages diverse, complex programs on a global level and the candidate will need to have large scale experience and a growth mindset to fit in well.
* 7+ years of experience working in large, complex businesses in risk management/program management/engineering or related field * Proven experience in driving change by influencing for impact * Strong work and compliance ethic * Strong attention to detail, and analytical, problem solving and decision-making skills * Strong networking, interpersonal and communication skills across all levels of the organization * Demonstrated history of effective time management and ability to adapt to changing priorities * Strong project management skills (incl. clear, concise process documentation, project charters / SOPs / runbooks etc., customer facing + internal project / program reports, issue tracking and escalation) * Proficiency in identifying, assessing, quantifying, documenting and monitoring threats, vulnerabilities, risks, controls and mitigations * Proficiency in responding to customer and internal audit inquiries * Demonstrated on-the-job learning, work both independently and in a team environment * Ability to translate business needs into technical requirements * Ability to identify, analyze, and summarize complex risk data in a way that is meaningful for various audiences * Ability to think strategically and deliver impact through collaboration that leads to risk reduction, efficiencies and cost savings * Ability to effectively prioritize and execute tasks in a dynamic and high-pressure environment * Proven track record of delivering high quality work that meets or exceeds expectations * Growth mindset
* Proficient in the use of Microsoft Office products for business * Experience designing and delivering Power BI solutions * Experience with Risk and Controls Management tools and systems * Experience with building and implementing datacenter risk analyses frameworks, methodologies and tools
Experience with or exposure to regulatory and industry compliance frameworks and audits (e.g. ISO 27001, PCI, SOC, FedRAMP)
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
This opportunity will require the successful candidate to coordinate with a virtual team of stakeholders and subject matter experts within CO+I and external to our business, such as Compliance & Legal teams, Finance, and other engineering groups such as Office 365 and Azure.
Qualified candidates will possess the skills to identify and assess threat / vulnerability risk data and guide and leverage stakeholder risk assessments to create a comprehensive picture of threats, vulnerabilities, and mitigation strategies specific to datacenter sites, cities, countries, and regions around the globe.
The program manager will work with various other program managers and risk managers within the CO+I Risk & Resilience organization to execute, automate and scale the program, and will be required to summarize / present risk assessment data to various levels of management on an ongoing basis.
Microsoft is a technology company that develops and supports software, services, and devices.