Microsoft Corporation Director of Operations - Security, Risk, & Compliance in Cambridge, Massachusetts
Are you interested in working for one of the most exciting products in Microsoft, passionate about exceeding customer expectations and advancing Microsoft's cloud first strategy?
Microsoft Azure provides customers with on-demand and infinitely scalable infrastructure and platform for customers to build, host, and scale service applications on the Internet through Microsoft’s global data centers. If you are interested in a start-up like environment, passionate about ensuring customers’ security and assuring the resilience of Microsoft’s cloud computing technology then look no further than the Azure Hardware Systems & Infrastructure Organization’s (AHSI) Security, Risk and Compliance Team (SRC).
The AHSI Security, Risk & Compliance team is building an architecture and validation program to drive world class security and resilience of our Azure infrastructure. Guiding and measuring the security of the hardware and systems infrastructure that is the foundation of our customer’s experience with all that Microsoft’s Azure Platform can enable is an essential part of our commitment to deliver the #1 Trusted Cloud Platform in the world.
This Director will navigate the governance, risk and controls landscape in a technology company. Specifically, this role will partner closely with organizations across AHSI to drive the cadence and completion of assessments of the suppliers with whom AHSI works to provide the infrastructure that operates Microsoft’s Azure and Intelligent Cloud business. The Director will also manage a small team that will enhance, maintain and operate the SaaS platform that facilitates the implementation of SRC’s Azure Security & Resiliency Architecture (ASRA) assessments. In addition, this Director will partner with peers In SRC who oversee the security and resiliency domains. This role reports to the VP, Chief Security & Risk Officer for Azure Infrastructure.
• Deploying and refining the operational processes to enhance and maintain ASRA
• Change management for ASRA
• Implementing the risk analyses to determine assessment targets based on business risk
• Overseeing the conducting of the assessments of the suppliers to determine conformity with the mandates and goals of ASRA
• Ensuring the satisfactory completion of ASRA assessment in partnership with SRC’s external auditors
• Tracking and reporting on progress of ASRA assessments
• Tracking and reporting of remediation of assessment findings
• Trend analysis of all assessment findings trends
• Managing direct reports effecting the system maintenance, data entry/management and structure of the ASRA Management Platform
• Close coordination with the VP, Chief Security & Risk Officer for Azure Infrastructure and SRC leaders to adapt ASRA operations to the changing requirements and risks from global governments, internal Microsoft stakeholders, and customers and the evolution of ASRA.
• Identify and deploy best operational practices continuously enhance the efficiency of assessment processes and driving meaningful security enhancement and risk reduction across Azure infrastructure
• Bachelor’s degree in business, finance, or equivalent work experience
• Experienced people manager/leader
• 10+ years of progressive experience in fast-paced program management
• 10+ years of experience in professional services, program management, business management, technology implementation, or related field
• Proven experience in audit reporting, risk assessment and overseeing Governance Risk and Compliance (GRC) Frameworks and ITIL, COBIT, NIST CSF
• Comfort managing in an environment of continual change and ambiguity and creation of systemic approaches to solving issues
• Able to synthesize disparate information effectively and quickly into clear recommendations, actions, and decisions
• MBA or other advanced degree
• Certification or equivalent experience in Lean methodologies, Six Sigma or other process improvement and project management methodologies
• Familiarity with security and controls frameworks such as ITIL, COBIT and NIST CSF
• History of driving outcomes via influence of both internal and external resources
• Adept at identifying operational problems and proposing solutions
• Strong oral and written communication skills, excellent stakeholder service skills, and ability to work in an extremely high-volume, high-energy environment
• Familiarity with the ProcessUnity Vendor Risk Management Platform
• Program Management Certification (e.g. PMP)
• Understanding of cloud technologies
• Excellent communication skills including delivering high quality written communications and the ability to articulate complex information in a simple way to executives, customers, suppliers and stakeholders.
Microsoft Cloud Background Check:
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form (https://careers.microsoft.com/us/en/accommodationrequest) .
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
- Microsoft Corporation Jobs