Senior Compliance Technical Program Manager
Microsoft - Boston, MA
posted 8 days ago
About the position
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Microsoft Security Compliance Program team educates and empowers the Microsoft Security organization to meet these regulations and build customer trust. The Compliance Program team ensures that Security products and services comply with Microsoft cybersecurity and privacy requirements while also leading efforts to deliver enterprise-wide cutting-edge compliance solutions. We are seeking a Senior Compliance Technical Program Manager to establish and grow Microsoft Security's Compliance program. This role provides you with the leadership opportunity to effect change that will have market-wide impacts. As a senior member of the Compliance team, you will be responsible for coordinating efforts across the Security division in collaboration with compliance champs and partner teams in Azure and M365.
Responsibilities
- Embrace a 'compliance by design' mindset; proactively identify systemic gaps that should be integrated into program design and elevate them to the appropriate owners.
- Work with security teams to help them navigate and meet regulatory requirements, ensuring the organization achieves and maintains necessary certifications (e.g., such as ISO/IEC 27x, FedRAMP, SOC, PCI DSS, HIPPA).
- Conduct regular assessments to ensure compliance with relevant regulations and standards.
- Provide guidance and support to internal teams on compliance-related matters, including policy development, risk management, and incident response.
- Coordinate response and evidence gathering in response to external auditors and regulators to facilitate compliance assessments and certifications.
- Develop and deliver training programs to educate employees on compliance requirements and best practices.
- Lead cross-functional teams to address compliance-related issues and drive continuous improvement in the organization's compliance posture.
- Coordinate with other privacy, compliance, and risk management leaders in the company to ensure Microsoft Security's programs are aligned and partner closely with governance owners, including Privacy Regulatory Affairs and Corporate External Legal Affairs Front Line.
- Accountable for delivery of measurement frameworks, processes, and maturity models to both understand and improve the bar of technical compliance across the portfolio that meets needs of the rhythm of business with exec leadership.
- Stay up to date with the latest regulatory changes and industry best practices and ensure the compliance program is continuously updated to reflect these changes.
- Monitor and report on the effectiveness of the compliance program, identifying areas for improvement and implementing corrective actions as needed.
- Serve as a subject matter expert on compliance and regulatory matters, providing strategic advice and guidance to senior leadership.
- Embody our culture and values.
Requirements
- Bachelor's Degree AND 4+ years experience in engineering, security operations, compliance, audit, product/technical program management, data analysis, or product development OR equivalent experience.
- 2+ years of experience managing cross-functional and/or cross-team projects.
- 2+ years of experience managing regulatory compliance or audits.
- The ability to meet Microsoft, customer and/or government security screening requirements.
Nice-to-haves
- Bachelor's Degree AND 8+ years experience in engineering, security operations, compliance, audit, product/technical program management, data analysis, or product development OR equivalent experience.
- 6+ years of experience managing cross-functional and/or cross-team projects.
- Experience with and awareness of emerging privacy and data governance related regulations.
Benefits
- The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year.
- There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.
