Risk Manager - Access and Security
Company: Microsoft Corporation
Posted on: June 9, 2021
Do you have a passion for enabling privacy and data governance
best practices, building strategic partnerships across teams, and
empowering people? If so, an opportunity to lead access and
security risk management for the HR organization may be for
The Global HR Services organization provides end-to-end
operational and support services for Microsoft HR, serving 160,000+
employees in over 100+ countries. The primary areas of focus
include employee, manager & candidate support services, core HR
services (HR hire-to-retire processes), business process
optimization, HR solutions, consulting, and project management. The
success of the HR Services organization is critical to the overall
effectiveness of HR and our ability to ensure consistent,
predictable, and transformative employee and manager
HR Business Excellence is a global function that provides
overall governance, risk management, compliance monitoring, privacy
and security assessments, and continuity and response services for
all of HR. HR Risk & Compliance is a function of the HR Business
Excellence organization - Our mission is to partner with our HR
stakeholders to protect the Microsoft Mission and promote a culture
of Risk Management and Compliance.
The vision for the Risk Manager - Access and Security on the HR
Risk & Compliance team is to champion the access principle of least
privilege so that all HR employees, external staff, and engineering
(IT) partners supporting HR, have all the right levels of access,
to all the right systems, tools, and data, at all the right times.
The Risk Manager will lead to enable that vision, taking a risk
based approach to identify immediate and long term risks, and
building strategic partnerships with HR, IT, and Compliance teams
to enhance the access and security management posture for the HR
organization through process, control, and automation design.
- 7+ years of experience driving risk management and compliance
programs, with a combination of the following: HR Operations, Risk
Management and Compliance, External or Internal Audit, Identity and
Access Management, or related field.
- 5+ years expertise as a IT general computer controls subject
matter professional with experience driving operational and/or
regulatory compliance (e.g., SOX, HIPAA, GDPR).
- 3+ years experience delivering excellent verbal and written
communications to middle management and senior leadership.
- Ability to ramp up quickly to systems and technologies
supporting access provisioning processes.
- Ability to design projects to govern role based permissions and
promote process automation.
- Proven experience defining and presenting strategic roadmaps to
HR and IT leadership.
- Proven experience as a strong cross group collaborator and team
player, dealing with ambiguity and complex problems, resolving
conflict, and influencing senior executives.
- Experience engaging with Business, IT, and Compliance partners,
able to drive cross group analysis of end to end process flows and
identification of controls.
- Experience aligning role based permission strategies to broader
risk management, data governance, privacy, and business continuity
- Experience with HR organizational processes such as recruiting,
employee data lifecycles, HR service delivery, compensation and
benefits programs, diversity & inclusion, learning, and/or HR
- Experience with SAP SuccessFactors HR tool suite, including
- Experience remediating findings from Internal and External
Microsoft is an equal opportunity employer. All qualified
applicants will receive consideration for employment without regard
to age, ancestry, color, family or medical care leave, gender
identity or expression, genetic information, marital status,
medical condition, national origin, physical or mental disability,
political affiliation, protected veteran status, race, religion,
sex (including pregnancy), sexual orientation, or any other
characteristic protected by applicable laws, regulations and
ordinances. We also consider qualified applicants regardless of
criminal histories, consistent with legal requirements. If you need
assistance and/or a reasonable accommodation due to a disability
during the application or the recruiting process, please send a
request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of
your employment with Microsoft and the country where you work.
- Risk Management Program: Drives formal risk assessments with HR
stakeholders at the global, regional, and local level to identify,
assess, and evaluate risks; makes recommendations to address risks
and non-compliance; designs and monitors a risk register to
centrally track compliance risks, trends, and mitigating action
- Strategic Partnerships: Builds partnerships to gather and
prioritize tool and process feedback from key operational
stakeholders in partnership with HR program subject matter experts,
vendors, and IT partners; drives the identification of systemic
efficiencies and process improvements for large-scale or
high-stakes HR programs.
- Role Based Access and Security Design: Proactively partners
with HR groups to understand HR business users data and associated
access needs. Establishes and drives guidelines for segregation of
duties. Leads efforts to automate role based permissioning
processes and controls across employee, external staff, and HR IT
access lifecycle scenarios.
- Project Management: Creates project charters and success
criteria for large-scale projects, identifies resource needs;
creates project plans and leads project team meetings; tracks
progress and deliverables, risks, and action items; communicates
with relevant stakeholders/project sponsors/steering committee
(e.g., business leaders, HR and IT partners) about project status
- Access Governance: Leads access governance committee to
establish strategic priorities with cross functional and
organizational HR, IT, Business, Federal, and Compliance leaders to
define, monitor, and prioritize remediation of HR access and
Keywords: Microsoft Corporation, Redmond , Risk Manager - Access and Security, Other , Redmond, Washington
Didn't find what you're looking for? Search again!