Senior Program Manager

Posted 6 days ago
Main Location
Redmond, WA, United States
Open jobs

Senior Program Manager for Security Risk Management & Reduction


Core Services Engineering builds and manages the critical products and services that Microsoft runs on. We boldly pursue big ideas that power transformational advances at Microsoft and for our customers, while helping Microsoft teams work smarter, faster and more securely every day. Core Services Engineering employees have deep technical and business expertise, customer insights, and a clear point of view that comes from first-hand, large-scale experience with Microsoft and industry solutions. We are engineers, technology leaders and experts, digital transformation change agents, and customer advocates. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!


Do you want to work in a fun and challenging area with passionate and creative people dedicated to helping Microsoft protect its critical information assets and reduce risk? Do you want to have company-wide impact driving compliance with Microsoft’s Security Policy by driving remediation of high-risk security findings/issues across vital corporate functions such as HR and Finance. If so, Microsoft’s Security Risk Management & Reduction (SRM&R) team is looking for a Senior Program Manager to lead a motivated team to reduce the tops risks at Microsoft.


The SRM&R team drives the identification, acknowledgement, reduction, and reporting of top enterprise information security risks; and increases productivity, accuracy, and effectiveness by implementing automation and action-oriented metrics. This position plays a critical role in improving the security health of these corporate functions to contribute to their journey towards more modern engineering practices.


The ideal candidate has experienced communication skills, well organized, and has experience in working with a diverse set of individuals such as engineers, program managers, and risk managers across different organizations.


Responsibilities will include: 

  • Lead best practices and solution sharing across multiple organizations to enhance existing security remediation processes and communication methods
  • Partnering with Security Service Managers such as Vuln Management to identify critical security vulnerabilities/asset misconfigurations/assessment findings that need to be remediated
  • Communicating and reviewing identified sets of remediation activities and documentation to directly responsible individuals and their support teams
  • Oversee and manage all security remediation documentation being develop or used in campaigns associated to the Program
  • Present program status and issues to Microsoft Executive Management across Microsoft Corporate Functions on a regular and consistent basis in regular status reporting and status meetings.
  • Conduct regular meetings with directly responsible individual leaders to inform and alert them of any risk arising from projects within their organization
  • Driving a unified message to all affected internal stakeholders and represent feedback back to the appropriate internal IT or Security support teams
  • Planning, preparing, and hosting technical support forums such as brown bags, office hours, and email correspondence intended to accelerate remediation across a diverse set of security vulnerabilities and non-compliance findings.

Knowledge, experience and skills required: 

  • 5+ years of experience building partnerships with other teams across Microsoft to share best practices
  • 5+ years’ experience in Information Technology, Cybersecurity, or Compliance related engineering roles.
  • 5+ years of project management & program governance skills including hands-on experience leading cross org projects and sustaining a program
  • Ability to understand/discuss a broad range of technology and business issues
  • Proven experience in delivering excellent verbal and written communications to middle management and senior leadership

Preferred, not required:

  • BS/BA in Computer Science, Business, or related field or equivalent experience.
  • Experience using structured data tools such as Azure Data Explorer (Kusto), PowerBI, and Excel to gather, analyze, and report data
  • Experience using RSA Archer or similar GRC tools to support Issue Management and or Compliance workflows
  • Project Management Profession (PMP Certification)
  • Privacy, or Information Security certifications such as CIPP, CISSP, CISA, CISM, CFE, CGRC, CRISC, CGEIT, etc.




Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.


Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

We're a community of women leveraging our connections into top companies to help underrepresented women get the roles they've always deserved. Simultaneously, we work to build truly inclusive hiring processes and environments where women can thrive and not just survive.
Are you hiring? Join our platform for diversifiying your team
Senior Program Manager
Microsoft Corporation