QualificationsWriting skillsProject managementAzureWindowsISO 27001Bachelor of ScienceBachelor’s degreeBachelor of Arts
Last year Satya announced Windows 365, a cloud service that introduces a new way to experience Windows 10 or Windows 11 to businesses of all sizes. Windows 365 takes the operating system to the Microsoft cloud, streaming the full Windows experience — apps, data, and settings — to personal or corporate devices. Secure by design and built with the principles of Zero Trust, Windows 365 secures and stores information in the cloud, not on the device, providing a secure, productive experience for workers from interns and contractors to software developers and industrial designers. Windows 365 also creates a new hybrid personal computing category called Cloud PC, which uses both the power of the cloud and the capabilities of the device to provide a full, personalized Windows experience without any of the complexity of traditional virtualization technologies.
We are looking for a team-oriented compliance program manager with an engineering mindset and background capable of working within several areas: audit, privacy, risk management, security, and accessibility. You will provide guidance and direction across engineering disciplines and work to enhance Windows 365 compliance objectives within infrastructure, services and with our customers. This role provides growth, learning, and training opportunities; you are expected to not only stay connected to the compliance industry and community, but to lead and share in the areas you specialize in.
Responsibilities
A successful TPM in this role will work to meet the current obligations while effectively scaling our processes to support future demands. The position requires that you understand and work well with different groups, perspectives, and processes, while having the technical depth to understand the requirements and capabilities of the service. To be successful, you must have strong project management and communication skills, and be able to drive cross discipline projects to successful completion. Experience in compliance, risk management, audit, or accessibility is important to this role. You also need to enjoy working in a fast-paced and agile environment.
Role responsibilities include:
Select, manage, and lead discussions with engineering teams, customers, and external regulators to ensure that compliance obligations are understood and achievable in a fast-paced cloud computing environment
Provide subject matter expertise to internal engineering groups and product teams with the understanding of various compliance obligations, and working with them to develop roadmaps to achieve these compliance requirements
Represent Windows 365’s security-state over regulatory requirements to external vendors, assessors, external customers, and regulatory bodies
Influence and provide input into the development of relevant industry compliance standards as a Microsoft representative and subject matter expert
Strategically partner with other stakeholders to continually identify trends and discover underlying issues that are important to quantify risks, guide decision making, and/or be used as a model for others to apply consistently
Perform detailed risk assessments and stakeholder cross-training activities to enable risk-based decisions to remediate and or acknowledge high risk findings identified from various security and privacy technical assessments. Communicate to stakeholder’s findings from risk analyses, as well as data required to perform risk assessments
Ensure accessibility requirements are included in product design. Identify accessibility gaps, assess risks, and provide guidance to stakeholders
Qualifications
5+ years of experience in DevOps within cloud environment or related fields
7+ years of experience in program management, preferably at least 3 of those in compliance or risk management roles
5+ years of professional experience in the computer software industry
2+ years of experience working with Government or Federal compliance standards preferred
B.A. or B.S. degree in Computer Science, Computer Engineering, Information Systems, or equivalent experience
One or more of the following skills will get our attention
Advanced project management skills: able to deliver cross-group projects and drive change
Advanced problem-solving skills: able to use prior experience and knowledge to address new situations
Advanced writing and communications skills: able to clearly articulate ideas for executive level consumption as well as technical staff consumption
DevOps, SE, or SRE experience with an advanced understanding of IT operations and diverse IT architectures
Experience working with Azure (Cloud Services, Active Directory, Information Protection) and/or Microsoft 365
Direct experience with security, compliance and regulatory frameworks including: PCI DSS, ISO 27001, FedRAMP, HiTrust, SSAE/SOC 1 and 2, EUDB
The ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to, the following specialized security screenings:
Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.