Senior Program Manager

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end-to-end, simplified solutions.

The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all.

We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end-to-end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

The IAM team within the CISO organization is looking for a Senior Program Manager with expertise in managing compliance programs related to SOX controls, and Identity and Access Management (IAM). The ideal candidate should have a solid understanding of industry standards, regulatory requirements, and external audit processes. This role will focus on leading SOX compliance efforts in the IAM space, ensuring controls are designed, implemented, and monitored to meet audit and regulatory expectations. Key responsibilities include collaborating with internal teams, control owners, auditors, and compliance stakeholders to establish effective processes and prepare for successful audits. The candidate should be skilled at managing compliance complexities within a large organization like Microsoft and delivering impactful outcomes through cross-functional collaboration and influence across diverse engineering teams. The ideal candidate is a highly motivated professional passionate about using modern technical solutions to address compliance and risk management challenges. They should excel in cross-functional collaboration, stakeholder alignment, and maintaining up-to-date knowledge of industry trends, regulatory changes, and business needs. Adaptability to organizational and business shifts is crucial for success in this role.

• 8+ years of proven experience in SOX compliance, audit coordination, or working with similar regulatory frameworks, particularly within Identity and Access Management (IAM) or related security domains.
• Demonstrated expertise in project management, showcasing the ability to successfully manage multiple stakeholders, prioritizing competing tasks, and meeting strict deadlines in complex regulatory environments.
• In-depth familiarity with IAM principles, including the design, implementation, and execution of controls to ensure robust security and compliance.
• Exceptional communication and interpersonal skills, enabling seamless collaboration with auditors, compliance teams, and technical stakeholders across diverse geographies.
• Extensive hands-on experience with tools like Azure DevOps (ADO) or equivalent platforms for evidence tracking, issue resolution, and efficient audit coordination.
• Comprehensive understanding of internal and external audit processes, gained through close collaboration with global audit firms and ensuring adherence to rigorous compliance standards.
• Proven ability to identify, recommend, and implement process improvements, enhance audit readiness, streamlining control mechanisms, and driving operational efficiency.

#IAMProtect #IDC #CISOorg #SOX #TPM

• Plan and manage a comprehensive calendar for all SOX-related activities, including scoping meetings, reviews, walkthroughs, evidence submissions, and audit deadlines to ensure a structured approach, timely execution, and avoidance of delays.
• Facilitate SOX scoping meetings by engaging with Control Owners, Compliance Managers, and Engineering teams to define objectives and align on responsibilities. Evaluate and update control documentation, process flowcharts, and other audit materials. Prepare comprehensive documentation, including mock walkthroughs, to ensure audit readiness.
• Oversee evidence requests through ADO, ensuring timely and accurate submissions by collaborating with Control Owners. Monitor audit deliverables to adhere to SLAs, track progress, and request deadline extensions as needed to meet compliance requirements.
• Monitor audit deliverables to ensure adherence to SLAs, track progress, and request deadline extensions when necessary, maintaining transparency with all stakeholders.
• Conduct periodic reviews of subscriptions, resource groups, and accounts to verify compliance with provisioning standards. Address auditor inquiries related to access reviews and ensured alignment with established policies.