Technical Program Manager, Risk & Compliance
Location: Atlanta, Georgia; Bellevue, Washington; Berkeley, California; Glendale, California; Irvine, California; Issaquah, Washington; Los Angeles, California; Redmond, Washington; Sacramento, California; San Diego, California; San Francisco, California; Seattle, Washington; Tacoma, Washington; Washington, North Carolina
Job Type: Full time
Microsoft’s Trust and Integrity Protection team (TrIP) has an immediate opening for a technical program manager within its Risk and Compliance team. The team is on a mission to earn customer trust and reduce risk by relentlessly protecting data and operational integrity across Microsoft’s Customer and Partner Solutions division (MCAPS), and this role is critical to support the technical aspects of our expanding Compliance program. The candidate is expected to have a solid foundation in technical program management practices and an understanding of controls testing, working with risk management and integrated controls management professionals across a complex multi-national business. The immediate focus will be on supporting the technical aspects of the IT and Operational Controls monitoring program, including scorecarding, automation, and evaluation/integration with relevant systems (e.g., Dynamics, RSA Archer, Purview). Our group values strong cross-team communication and collaboration, the ability to network and integrate across the Microsoft ecosystem to inject value to the company at large, and the ability to create meaningful, lasting relationships with our business partners, stakeholders, and executive leaders.
As a Technical Program Manager, you will engage with various stakeholders as a trusted advisor and liaison. You will regularly apply risk and compliance frameworks and principles to help control the end-to-end processes, anticipate risks, and support compliance-by-design goals and objectives. Stakeholders include application/solution owners, process owners, service owners, peers in the internal risk and compliance community, and internal and external audit. The candidate’s success depends on their ability to analyze our compliance and controls performance, conceive of modifications and improvements to the technical aspects of the Compliance program, and drive program reporting in support of RCO and TrIP’s larger goals.
Analysis of Compliance/Controls Testing Signals
- Begins to identify opportunities and gaps in our IT and Operational Controls testing process, including comparison of various quality and performance metrics to various solutions. May participate in stakeholder engagements to solicit feedback and understand their experiences with TrIP’s Compliance program.
- Collaborates with other teams to perform research, conducts competitive analyses, and examines technology-related solutions, as well as industry-specific requirements or regulations (e.g., ISO). Integrates controls usage, telemetry, and service data together to identify patterns, generate hypotheses, and help inform a plan to change and/or expand the program, in collaboration with others.
- Starts to build relationships within the TrIP and wider risk and compliance community to build connections, and starts to understand the broader Compliance needs and solutions. Develops problem statements and forms hypotheses of a new group of features or feature areas (e.g., product, service) to address business, program, and stakeholder needs.
- Performs experiments to test hypotheses and inform decisions on what group of features or feature areas (e.g., product, service) to introduce, in collaboration with others.
- Establishes clarity of the root problem and how it relates to previously seen trends with the customer. Works with minimal guidance to ensure alignment between the stakeholders and TrIP. Collaborates with others (e.g., Engineering, MCAPS, Audit) to ensure that they can satisfy requirements. Partners to evaluate opportunities and determine the greatest value to the business. Defines solution options for a group of features or feature areas.
- Works with Engineering to design integrated solutions to technical needs for Compliance testing with minimal guidance. Proposes design and architecture documents for a group of features or feature areas. Understands what options are available to identify and select the best option for needs with minimal guidance. Assists architects and technical partners to develop. Works with internal and external technical partners and/or architects to represent technical solutions to customers.
- Contributes to the definition of program(s) goals and provides input to the prioritization for the group of features/feature areas (e.g., product, service) they own. Translates the needs of their team into program goals and prioritized deliverables using data-focused analysis, in collaboration with others. Identifies risks and proposes mitigations for risks using data (e.g., telemetry, usage, net satisfaction, customer satisfaction).
- Defines success criteria and performance metrics (e.g., Objectives and Key Results [OKRs], Key Performance Indicators [KPIs] such as quality and performance) of a group of features or feature areas, with limited supervision. Understands and presents the return on investment.
- Collaborates with others in orchestrating and integrating efforts for the development and implementation process of a group of features or feature areas (e.g., product, services) for cross functional projects with internal teams and external partners. Collaborates and coordinates across teams to ensure alignment on product management and release, including tradeoffs, adjustments, and improvements as feasible.
- Partners with the engineering team to contribute, prioritize, and deliver on the roadmap for a group of features or feature areas (e.g., product, service), with minimal supervision. Learns the value proposition for the group of features or feature areas and answers technical questions of the group of features or feature areas they own.
- Collaborates with others to track, coordinate, and communicate end-to-end project schedules for a group of features or feature areas. Helps monitor processes and hold stakeholders accountable for following the established schedule and processes. Helps track and manage dependencies to enable cohesive, connected user scenarios and to avoid issues and mitigate risks. Begins to make adjustments or course corrections when projects are not aligned to schedules or goals.
- Helps develop the staging and implementation plan for piloting/release in alignment with Objectives and Key Results (OKRs)/Key Performance Indicators (KPIs) for a group of features or feature areas (e.g., product, service). With the guidance of others, collaborates with stakeholders to monitor progress and adjust as needed.
- Stays abreast of governance programs and processes and demonstrates an understanding of specific performance requirements and standards that must be met throughout the development lifecycle (e.g., quality, compliance, privacy, security, safety, accessibility).
- Validates use-case and scenario outcomes, and performance targets that are being achieved, with minimal guidance. Drives continuous quality improvements of the delivery.
- Partners with others (e.g., Data Science, Engineering) to collect performance metrics (e.g., Key Performance Indicators [KPIs] such as usage, quality, speed, and cost), monitor and report on progress (e.g., business reviews), and derive insights that lead to productive courses of action to improve development, iteration, and implementation of a group of features or feature areas (e.g., product, service). Collaborates to form hypotheses, perform experiments, and iterate to drive improvement in specific performance metrics.
- Contributes to the Compliance and controls testing experience and provides documentation (e.g., troubleshooting guidelines, best practices, blogs). Understands and helps drive improvements in the testing process, including both forums and communities.
- Acts as a technical advisor to educate and evangelize the group of features/feature areas (e.g., product, service) they work on with stakeholders via meetings, presentations, and other forums. Participates in direct engagements to solicit feedback and understand their experiences with the group of features/feature areas.
- Bachelor's Degree AND 2+ years experience in engineering, product/technical program management, data analysis, or product development
- OR equivalent experience.
- 1+ year(s) experience managing cross-functional and/or cross-team projects
- 1+ year(s) in third-party product/technology evaluation
- 2+ years of experience working in a Risk or Compliance-related team or function
- 4+ years of experience managing cross-functional and/or cross-team projects
- Knowledge of the basic features and functions of Microsoft Dynamics, RSA Archer, Microsoft Purview, Power BI, and/or Azure
- 1+ year(s) experience reading and/or writing code (e.g., sample documentation, product demos)
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.