Data Protection Risk Manager


Location: United States

Job Type: Full time


The most difficult thing is the decision to act, the rest is merely tenacity.
- Amelia Earhart

If you love to partner with colleagues around the world ensuring the security and privacy of data and information, making our employees and customers have a better experience, we have a career opportunity for you!

About MCAPS & TrIP:

The MCAPS (Microsoft Customer & Partner Solutions) organization unifies the commercial go to market organization to accelerate our progress, stay true to the Microsoft mission, and empower our customers, partners, people, and Microsoft’s growth.

Within MCAPS, TrIP (Trust Integrity & Protection) defines processes for customers’ data protection including privacy, security, governance, risk, and compliance solutions, and provides guidance and oversight across the MCAPS division.


As the DP Manager, you will proactively drive risk management and compliance objectives as a key partner and trusted advisor to MCAPS planning teams, ensuring future state processes and programs have privacy and security included by design. Key to this role will be building effective working relationships across the business, proactively driving the adoption of key policies and standards relevant to the business. Also, important will be close coordination with regional TrIP DP and Privacy Managers to see that relevant regional business and regulatory requirements are evaluated as key inputs into future strategies and program enhancements.

We expect you to be a data protection, compliance, or privacy professional with a passion for excellence, strong collaboration, and driving efficient outcomes. You should be very comfortable working across teams to lead and build consensus, resolve conflicts, and create positive long-term working relationships. You should also be able to work in a global environment, in a rapidly changing space, and be able to represent the team to customers, partners, and internal or external leadership.

Our team values strong cross-team communication and collaboration, and proactive sharing of learnings and best practices to help make our whole team stronger. At the same time, to be successful in this role you need to be a self-motivated driver who can succeed with limited direction.


Required Qualifications

  • Bachelor's Degree AND 2+ years experience in engineering, product/technical program management, data analysis, or product development
    • OR equivalent experience.
  • Experience in Risk Management, Privacy, Security, Compliance, Government Intelligence, Operations, and/or Finance

Preferred Qualifications

  • 7+ years of experience in privacy, security, or compliance disciplines, with an understanding of enterprise compliance governance and oversight processes (information security standards, laws and regulations, privacy and security, risk management, control protocols, methodologies, and practices) to operationalize these controls with business leaders
  • Data Governance, Privacy, or Information Security certifications such as CIPP, CISSP, CISA, CISM, IAPP, or CFE, etc.
  • Familiarity with control frameworks and regulatory/compliance requirements, such as ISO27001, HIPAA, FISMA/FedRamp, EU Data Protection Directive, etc.
  • Excellent written and verbal communication skills with the ability to tailor communications based on audience
  • Strong project management abilities, driving projects and deliverables, and measuring results
  • Bachelor's Degree in Risk Management, Engineering, Government Intelligence, Security, or Information Technology and 5+ years experience in Risk Management in the context of Operations, Engineering, Information Technology, Business Analyst, Consulting, Auditing, Privacy, Security, Compliance, Government Intelligence, and/or Finance
  • Commercial and/or Public Sector or Government industry experience
  • Membership with a relevant risk domain area association including: International Association of Privacy Professionals (IAPP), International Information System Security Certification Consortium (ISC)2, and Information Systems Audit and Control Association (ISACA), Certified Internal Auditor (CIA), Society for Corporate Compliance and Ethics (SCCE), Disaster Recovery Institute (DRI), Certified Business Continuity Professional (CBCB), Committee of Sponsoring Organizations of the Treadway Commission (COSO), and Institute of Internal Auditors (IIA).

The salary for this role in the state of Colorado is between $119,200 - $178,800

At Microsoft, certain roles are eligible for additional rewards, including annual bonus and stock. These awards are allocated based on individual performance. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee’s role.

Benefits/perks listed here may vary depending on the nature of your employment with Microsoft and the country where you work.US-based employees gain access to healthcare benefits, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, and fitness benefits, among others.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

You’ve got this!