Remote Sr Program Manager at Microsoft

The mission of Microsoft Digital Security & Resilience (DSR) is to enable Microsoft to build the most trusted devices and services, while keeping our company safe and our data protected. ​As part of Microsoft’s Security, Compliance, Identity, and Management organization, and a steward of Microsoft and our customer’s data, a core function of Microsoft DSR is ensuring the security of every aspect of the business. Microsoft DSR is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. As customer zero, we deploy and secure these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!

Do you have a passion for information Security? Do you get excited about defining and driving the implementation for how security content is delivered to users and engineers? This is your opportunity to be a leader in protecting Microsoft corporate services that enable our business and support our customers against current and future threats.

Microsoft DSR is looking for an engineering program manager to create and improve the way we develop and deliver security content to the Microsoft enterprise. As part of a high impact security team, you will be empowered to lead and work across the Microsoft Digital organization and other divisions to raise the bar for protecting the enterprise.

In this role, you will be responsible for creating, maintaining, and interpreting security guidance that will enable engineering teams to implement services in a secure manner and assessment teams to validate engineering designs and deployments. You will collaborate with others and drive conversations to determine which services and features are acceptable for use and how they should be used. You will push for automation and drive towards secure by default environments. Along the way, you will be a trusted voice who shares your knowledge and expertise on information security standards.

Preferred work locations:

Atlanta, Georgia

Redmond, Washington

Reston, Virginia

Remote in the U.S.

Responsibilities

Key responsibilities:

• Drive the lifecycle (creation, updates, elimination, publishing) of information security standards, baselines, and control procedures including collaborating with users, engineers, and subject matter experts, rationalizing solicited inputs, and driving alignment across the enterprise.
• Interpret, in collaboration with subject matter experts, Microsoft’s enterprise information security standards, information security frameworks, and authoritative sources to users and engineers.
• Identify and lead opportunities to drive alignment of security standards to security control implementation across the enterprise. Document, track, and communicate project status to stakeholders.

Qualifications

Knowledge, experience and skills required:

• 3+ years of experience in a technical program management or similar role.
• 1+ year experience working with one or more cybersecurity framework (e.g., NIST, ISO27001/27002, PCI, etc) with keen insight around their applicability within disparate environments.
• 1+ year experience interpreting and articulating information security standards and guidance as it relates to securing the enterprise.
• 1+ year of experience producing quality technical documentation.

Preferred, not required:

• Experience with applying security standards and controls to cloud infrastructure, cloud solutions, and/or software supply chain.
• Experience working collaboratively and effectively across diverse teams, with different styles, in a matrix environment.
• Excellent leadership skills, including the ability to influence without authority and collaborate effectively across multiple business groups with clear intent.
• Excellent judgment, decision making skills, and ability to work with deadlines.
• Excellent presentation skills and experience presenting to management.