Principal Program Manager


Location: Atlanta, Georgia, Austin, Texas, Redmond, Washington, Reston, Virginia

Job Type: Full time



The mission of Microsoft Digital Security & Resilience (DSR) is to enable Microsoft to build the most trusted devices and services, while keeping our company safe and our data protected. As part of the Microsoft Security organization, and a steward of Microsoft and our customers’ data, a core function of Microsoft DSR is ensuring the security of every aspect of the business. Microsoft DSR is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. As customer zero, we deploy and secure these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire, and grow within our organization and we encourage you to apply to learn more!

Do you have a passion for security and get excited about impacting some of the largest and most complex security challenges Microsoft faces in the enterprise today? Are you looking to join a fast-paced, dynamic, and diverse team?

The ACE team is the assessment & advisory arm of Microsoft’s Digital Security and Resilience (DSR) organization. Our team is a dynamic organization chartered with providing security assurance and advisory services to Microsoft’s enterprise to help effectively identify and mitigate security risks. We are a high energy, highly collaborative team.

The successful candidate for this role will work across teams and service lines to execute on our ACE strategy for providing end-to-end security assurance for Microsoft Digital. This includes application security assurance and automation capabilities across a portfolio of ~1700 apps and services. As a principal PM, you will be expected to contribute to the strategy and vision for the team and also drive continuous assurance into the engineering and operations processes. You will have the opportunity to work with engineering teams starting early in the development cycle to influence secure design and development.

We take pride in being a diverse and inclusive team, and we expect that you will join us on this mission.

Location: This role has the opportunity to work remotely.


Key responsibilities:

  • Provide security subject matter expertise and conduct security reviews.
  • Lead & execute on a strategy that focuses on effective and efficient security processes to mitigate risk for Microsoft’s enterprise.
  • Ensure the controls, platforms and tools which support the assurance processes are aligned to the latest security trends and engineering models.
  • Work with other security assurance and security tooling teams across Microsoft to ensure a One Microsoft approach wherever possible for at-scale security assurance.
  • Develop and deliver executive-level communications to the leadership team, including synthesizing complex security issues, project updates and escalations.
  • Collaborate effectively with other engineering and pentest teams.


Required Qualifications:

  • 7+ years of experience working as an information security professional, in technical program management, or in a similar engineering role.
  • Experience with one or more of the following: threat modelling, security architecture, identity management, network security, web application development or DevSecOps.

Preferred Qualifications:

  • Prior experience in application/infrastructure security and/or security assessment programs.
  • Prior experience with mergers and acquisitions (M&A).
  • Experience with cloud security assessment or cloud application development using Azure or another major cloud provider.
  • Excellent written, verbal and presentation skills.
  • Highly motivated and collaborative.
  • Outstanding judgment, decision making skills, and the ability to thrive in fast-paced and ambiguous situations.
  • Solid desire to innovate, grow, and learn as the industry continually evolves.
  • Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity or relevant industry certifications.

In the state of Colorado, the salary range for this role is from $158,800 to $256,800. At Microsoft certain roles are eligible for additional rewards, including annual bonus and stock. These awards are allocated based on individual performance. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee’s role.

Benefits/perks listed here may vary depending on the nature of your employment with Microsoft and the country where you work. US-based employees gain access to healthcare benefits, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, and fitness benefits, among others.



Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
