This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Senior Supply Chain Security Program Manager
Microsoft - Redmond, WA
posted 16 days ago
About the position
Microsoft's Cloud business is expanding, and the Cloud Supply Chain (CSCP) organization is responsible for enabling the infrastructure underlying this growth including AI! CSCP's vision is to empower customers to achieve more by delivering Cloud Capacity Differentiated at Scale. Our mission is to deliver capacity for all cloud services predictably through intelligent systems driven by continuous learning and a world class organization. The CSCP Organization is responsible for traditional supply chain functions such as Plan, Source, Make, Deliver, but also manages supportability (spares), decommissioning and disposition of Data center assets worldwide. We deliver the core infrastructure and foundational technologies for Microsoft's over 200 online businesses including Bing, MSN, Office 365, Xbox Live, Skype, OneDrive and the Microsoft Azure platform for external customers. Our infrastructure is comprised of a large global portfolio of more than 200 datacenters supporting services for more than 1 billion customers in over 90 countries worldwide. The Security, Risk & Compliance team is looking for a motivated and experienced leader to join our team. We are hiring a Sr. Supply Chain Security Program Manager. The Sr. Supply Chain Security Program Manager will be part of the risk management team responsible for identifying, assessing, actioning, monitoring, and driving control testing effectiveness, specifically focused on supply chain security risks. This role will influence policies and support the operational cadence of third-party supplier compliance and risk assessments. Therefore, this leader must have experience leading cross-functionally without direct authority. This role will engage with business partners and suppliers to evaluate risks, provide subject matter expertise, and measure the maturity and inherent risks of our supply chain hardware security. You will have the unique opportunity to contribute to the creation of an advanced Supply Chain attack and threat modeling program that will improve supply chain threat awareness. Additionally, this role must collaborate closely with other Microsoft and Azure Cloud security teams to mitigate risks and enhance the overall security posture of our suppliers and hardware.
Responsibilities
- Anticipates and addresses security threats by gathering, analyzing, and evaluating information about existing or potential threats to determine the likelihood of Microsoft hardware or hardware suppliers being targeted.
- Monitors and manages the development of current, emerging, and evolving threats that could have an impact.
- Identifies and addresses assets or operations where security is inadequate and could be exploited by a threat.
- Evaluates geopolitical activities and events, synthesizing key intelligence to inform internal and external stakeholders or employees of potential threats.
- Informs, escalates, and manages risks to the appropriate teams.
- Identifies and interprets security risks.
- Selects, implements, and manages measures to mitigate identified risks.
- Drafts mitigation plans and processes, including appropriate risk registers and controls.
- Ensures alignment and agreement with risk reduction plans and processes.
- Designs, implements, and monitors controls to treat risks.
- Participates in discussions to develop plans of action and milestones to track and mitigate risks.
- Performs analysis to detect advanced security threats, alerts, or risks.
- Contributes to the development of the risk assessment model.
- Develops public, private, and supplier partnerships.
- Engages with stakeholders and communicates risk assessment findings.
- Facilitates discussions with internal and external program leaders to establish a strategic vision and service model to improve security operations.
Requirements
- 4+ years experience in Security Program or Program Management or related field.
- Ability to meet Microsoft, customer and/or government security screening requirements.
Nice-to-haves
- Bachelor's Degree in Business Risks, or related field AND 8+ years experience in Security Program or Program Management.
- Certified Protection Professional (CPP) or equivalent Protection certification.
- Physical Security Professional (PSP) or equivalent Physical Security Certification.
Benefits
- Base pay range for this role across the U.S. is USD $94,600 - $183,800 per year.
- Different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $122,000 - $200,500 per year.
