Microsoft Corporation Senior PM Manager in Redmond, Washington
Senior PM Manager, Program Management
Digital Security and Resilience (DSR) – Infrastructure Security & Standards
The mission of Microsoft Digital is to power, protect, and transform Microsoft as the voice of our digital transition in the market. As part of Microsoft’s Cloud + AI Group, we are responsible for building, managing, and securing the platform, products, processes, and services that powers Microsoft.We build, maintain, and implement a cloud-first approach to our technology and experiences, from custom-built business solutions developing our campus of the future and our productivity and collaboration experiences like Teams and SharePoint, to horizontal 3rd party solutions like SAP and Adobe. As a steward of Microsoft and our customer’s data, a core function of Microsoft Digital is ensuring the security of every aspect of the business. Microsoft Digital is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. Microsoft Digital’s charter is also to influence and work alongside engineers across the company and with strategic partners to build and grow their cloud products and services. As customer zero, we deploy these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!
Do you have a passion for Infrastructure and Application Security? Do you get excited about protecting Microsoft by setting the direction and guidance for securing our enterprise? This is your opportunity to be a leader in protecting Microsoft corporate services and support our customers against current and future threats.
Digital Security and Resilience (DSR) is looking for a Senior Manager to lead the team responsible for Microsoft’s Enterprise Security Standards. As part of a high impact security team, you will be empowered to lead and work across the Microsoft Digital organization and multiple product teams to raise the bar for protecting the enterprise.
In this role, you will drive the Enterprise Standards as a service, identify areas of opportunity to develop strategies for increasing our overall security posture, and drive strategic projects. You and your team will ensure standards are proactively updated based on emerging threats, industry developments, and enterprise security needs. You will lead conversations and drive alignment with other standards teams across multiple Microsoft divisions. You will work with engineering teams to understand and minimize potential downstream impacts. Along the way, you will be a trusted leader sharing your knowledge and expertise while driving clarity on strategy and objectives.
Key responsibilities :
Lead a team of program managers and technical writers with responsibility to:
Lead and identify cross-organizational teams to drive high priority projects for improving the efficiency and efficacy of information security content creation process, delivery, and consumption.
Interpret, in collaboration with subject matter experts, Microsoft’s enterprise information security standards, information security frameworks, and authoritative sources to users and engineers.
Drive the lifecycle (creation, updates, elimination) of information security content including establishing a clear and repeatable process, identifying subject matter experts, rationalizing their input, and driving cross-organizational alignment.
Drive strategic security projects as needed.
Document, track, and communicate service and project status to stakeholders.
Set measurable semester objectives and key results (OKRs) with the team and track progress.
Conducts complex analysis of risks, security controls, and operational capabilities needed to enable Microsoft business without incurring increased risk.
Provides oversight and management of team assessments, status communications, and presentations to inform information security and other stakeholders of progress to strategy and risks.
Obtain stakeholder support and initiatives to ensure that coordination exists between security, architecture, integration, and operations.
Partner with other stakeholders to provide on-going engagement and alignment on security standards and identify key risk metrics.
Produce high-quality papers, presentations, recommendations, and findings for senior executives and external customers.
Stay up to date as well as contribute/participate on development of new and updates to industry standards and frameworks.
Knowledge, experience and skills required:
5+ years of experience in a technicalprogram management or similar role.
2+ years of experience with one or more cybersecurity framework (e.g., NIST, CIS, ISO27001/27002)
2+ year of experience interpreting and articulating guidance as it relates to securing cloud solutions.
2+ years of experience leadingstrategic security efforts in a large enterprise.
Preferred, not required:
2+ years people management experience insecurity engineering, operations, or compliance in a large enterprise.
Experience with federal regulatory frameworks (e.g. CMMC, DFARS, NIST 800-171)
Domain knowledge of security standards, technical evaluations, and controls.
Excellent written and verbal communication skills with demonstrated experience presenting to senior management and executive bodies.
Demonstrated ability to anticipate and manage change in a highly dynamic environment.
Demonstrated ability to make prioritization and trade-off recommendations that support program execution.
Ability to manage complex technical projects including collaborating with other teams, building relationships, and navigating effectively across group boundaries through influence.
Extensive leadership skills, including the ability to influence without authority and collaborate effectively across multiple business groups with clear intent.
Excellent judgment, decision making skills, and ability to work with deadlines.
Enthusiastic, technical, strategic thinker, and inclusive leader.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form (https://careers.microsoft.com/us/en/accommodationrequest) .
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.