Jobs: Security Compliance Manager

Location: Redmond, WA, US

Global Foundation Services (GFS) is the team behind the cloud. GFS is responsible for delivering over 200 Microsoft web portals, Live and Online Services around the world including infrastructure, security and compliance, operations, globalization, and manageability. Our focus is on smart growth, high efficiency, and delivering a trusted experience to customers and partners worldwide. We are looking for a passionate, high energy individual to help build the cloud that powers the world’s largest online services.

Online Services Security & Compliance (OSSC) is responsible for the infrastructure security and compliance needs of GFS’s customers. The Security Compliance Program Manager (CPM) role is part of OSSC’s Compliance Engagement team. We work with GFS stakeholders and Microsoft Product Groups to meet their security, compliance and reliability objectives and provide visibility to the compliance posture of the GFS environment and its services.

Roles & Responsibilities:
As a senior compliance program manager in the OSSC compliance team you will be responsible for:
- Assisting internal business groups and product teams with understanding various compliance obligations by sector, and working with them to develop roadmaps to achieve these compliance requirements.
- Leading internal teams through the preparation for and successful completion of a variety of key industry and regulatory audits through all phases of the operational compliance program from audit readiness through final assessment including remediation activities.
- Leading discussions with external regulators to ensure that compliance obligations are achievable in a fast-paced cloud computing environment.
- Selecting key partners and vendors to assist with the interpretation and preparation of audit activities.
- Ensuring audited functions are prepared for audits.
- Helping identify and evolve audit strategy to expand the compliance program to keep pace with GFS's rapid growth while reducing the impact on operational teams.
- Providing key feedback and recommendations for improving the Information Security Management System and Compliance Framework based on your audit experiences.
- Representing Microsoft’s controls over regulatory requirements to external vendors and assessors.
- Managing auditor relationships.
- Working with other Microsoft internal compliance teams to help drive improvement of the overall efficiency of the OSSC audit program.
- Ensuring cross-company collaboration in all aspects of compliance by establishing partnerships with other Microsoft security teams with the overarching goal of improving trust in Microsoft and its products.

Experience Required:
- A minimum of a BS or BA is required.
- 5+ years of relevant work experience.
- Preferred certifications include but are not limited to CFCP, CISSP, GIAC, CISA, PMP.
- Previous training or experience with implementing FISMA, FedRAMP, DIACAP, or NIST programs is desirable.

Microsoft is an Equal Opportunity Employer (EOE) and strongly supports diversity in the workplace.
