Security Risk Program Manager
Company: Microsoft Corporation
Posted on: June 12, 2021
The position is in the supply chain security team within
The Responsible Sourcing team is accountable for the
environmental, health and safety, human rights, ethics, and
security impacts of our supply chain. We are looking for a
motivated and experienced program manager to join our team and work
on supply chain security for government contracts that Microsoft
Devices is working on.
The position will lead organizational efforts to establish and
increase the protective posture of the Microsoft supply chain in
cyber security, physical security, and transportation security
areas. The incumbent will lead focused workgroups tasked with
specific security objectives and be responsible for deliverables
and validation metrics for assigned focus areas. Work may be
performed as part of a larger functional team or operate in an
independent fashion on specific work objectives.
Travel, including international travel, is possible up to 25% of
the time while conducting vendor and supplier security audits.
- A bachelor's degree in a technology-related field; a Master's
degree is preferred.
- Eight or more years of information technology experience
working in an information technology security discipline.
- Three or more years of experience working for, or on contract
with, a US Government Federal agency in a security position with
direct responsibility for cybersecurity regulations and
- Experience with Government security laws, regulations and
policies including the National Institute of Standards Special
Publication 800 series supporting publication 53. (NIST (SP)
- Experience with government security practices for the control
of classified, sensitive, and export controlled information.
- A demonstrated history of increasing levels of
experience in security compliance with emphasis on policy
governance and audit practices.
- Excellent written and verbal communications skills with
experience presenting to senior leadership on security and
- One or more technical security certifications such as CISSP,
CEH, CISA, CISM, or equivalent.
- Knowledge of security operations in a corporate environment
including protection methods, security validation, incident
management, and software assurance.
- Direct experience managing security projects across an
enterprise organization with accountability for task and time
- Knowledge of ISO related quality and security controls in
Citizenship Verification: This position requires verification of
US Citizenship or Green Card to meet federal government security
Microsoft is an equal opportunity employer. All qualified
applicants will receive consideration for employment without regard
to age, ancestry, color, family or medical care leave, gender
identity or expression, genetic information, marital status,
medical condition, national origin, physical or mental disability,
political affiliation, protected veteran status, race, religion,
sex (including pregnancy), sexual orientation, or any other
characteristic protected by applicable laws, regulations and
ordinances. We also consider qualified applicants regardless of
criminal histories, consistent with legal requirements. If you need
assistance and/or a reasonable accommodation due to a disability
during the application or the recruiting process, please send a
request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of
your employment with Microsoft and the country where you work.
- Responsible for all aspects of the management and
administration of the government supply chain security component of
the Microsoft devices organization.
- Subject matter expert on government laws, policies, and
requirements for information security and compliance activities on
government contracts that Microsoft performs for or on behalf of
the US government.
- Attend meetings, work sessions, and provide advice and
assurance that Microsoft is meeting all contractual and regulatory
obligations on government contracts.
- The position works with sales, operations, legal, and
management on new government proposals and current government
- Interact directly with government contract officers, security
officers, or contract personnel in the performance of duties
ensuring all security requirements are met.
- Conduct continuous research and knowledge capture of security
practices and control methods and understanding of multiple
security frameworks used in measuring security governance and
- Work with subject matter experts across cross-functional groups such
as legal, design, NPI, sourcing, and manufacturing and drive across
the different functions independently.