The Senior Program Manager will lead SOX compliance efforts within the IAM team of Microsoft's CISO organization.  Responsibilities include planning and managing SOX-related activities, facilitating scoping meetings, updating control documentation, overseeing evidence requests via Azure DevOps, monitoring audit deliverables, conducting compliance reviews, and addressing auditor inquiries.  The ideal candidate possesses 8+ years of experience in SOX compliance, IAM, and audit coordination, strong project management skills, and exceptional communication abilities.  The role demands collaboration with internal teams, auditors, and stakeholders across diverse geographies to ensure compliance with regulatory expectations and maintain audit readiness.

Microsoft is a tech giant that develops, licenses, and supports a range of software products, services, and devices.

Microsoft

<div class="ms-Stack css-418"><h3 style="font-weight: 600; font-size: 18px; line-height: 24px; color: rgb(23, 23, 23);">Overview</h3><div><p style="margin: 0px;"><span>Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end-to-end, simplified solutions.</span></p><p style="margin: 0px;">&nbsp;</p><p style="margin: 0px;"><span>The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all.</span></p><p style="margin: 0px;">&nbsp;</p><p style="margin: 0px;"><span>We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end-to-end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.</span></p><p style="margin: 0px;">&nbsp;</p><p style="margin: 0px;"><span>The IAM team within the CISO organization is looking for a Senior Program Manager with expertise in managing compliance programs related to SOX controls, and Identity and Access Management (IAM). The ideal candidate should have a solid understanding of industry standards, regulatory requirements, and external audit processes. This role will focus on leading SOX compliance efforts in the IAM space, ensuring controls are designed, implemented, and monitored to meet audit and regulatory expectations. Key responsibilities include collaborating with internal teams, control owners, auditors, and compliance stakeholders to establish effective processes and prepare for successful audits. The candidate should be skilled at managing compliance complexities within a large organization like Microsoft and delivering impactful outcomes through cross-functional collaboration and influence across diverse engineering teams. The ideal candidate is a highly motivated professional passionate about using modern technical solutions to address compliance and risk management challenges. They should excel in cross-functional collaboration, stakeholder alignment, and maintaining up-to-date knowledge of industry trends, regulatory changes, and business needs. Adaptability to organizational and business shifts is crucial for success in this role.</span></p><p style="margin: 0px;">&nbsp;</p></div></div> <div class="ms-Stack css-418"><h3 style="font-weight: 600; font-size: 18px; line-height: 24px; color: rgb(23, 23, 23);">Qualifications</h3><div><ul><li><span>8+ years of proven experience in SOX compliance, audit coordination, or working with similar regulatory frameworks, particularly within Identity and Access Management (IAM) or related security domains.</span></li><li><span>Demonstrated expertise in project management, showcasing the ability to successfully manage multiple stakeholders, prioritizing competing tasks, and meeting strict deadlines in complex regulatory environments.</span></li><li><span>In-depth familiarity with IAM principles, including the design, implementation, and execution of controls to ensure robust security and compliance.</span></li><li><span>Exceptional communication and interpersonal skills, enabling seamless collaboration with auditors, compliance teams, and technical stakeholders across diverse geographies.</span></li><li><span>Extensive hands-on experience with tools like Azure DevOps (ADO) or equivalent platforms for evidence tracking, issue resolution, and efficient audit coordination.</span></li><li><span>Comprehensive understanding of internal and external audit processes, gained through close collaboration with global audit firms and ensuring adherence to rigorous compliance standards.</span></li><li><span>Proven ability to identify, recommend, and implement process improvements, enhance audit readiness, streamlining control mechanisms, and driving operational efficiency.</span></li></ul><p style="margin: 0px;"><span></span></p><p style="margin: 0px;">&nbsp;</p><p style="margin: 0px;"><span>#IAMProtect #IDC #CISOorg #SOX #TPM</span></p><p style="margin: 0px;">&nbsp;</p></div></div> <div class="ms-Stack css-418"><h3 style="font-weight: 600; font-size: 18px; line-height: 24px; color: rgb(23, 23, 23);">Responsibilities</h3><div><ul><li><span>Plan and manage a comprehensive calendar for all SOX-related activities, including scoping meetings, reviews, walkthroughs, evidence submissions, and audit deadlines to ensure a structured approach, timely execution, and avoidance of delays.</span></li><li><span>Facilitate SOX scoping meetings by engaging with Control Owners, Compliance Managers, and Engineering teams to define objectives and align on responsibilities. Evaluate and update control documentation, process flowcharts, and other audit materials. Prepare comprehensive documentation, including mock walkthroughs, to ensure audit readiness.</span></li><li><span>Oversee evidence requests through ADO, ensuring timely and accurate submissions by collaborating with Control Owners. Monitor audit deliverables to adhere to SLAs, track progress, and request deadline extensions as needed to meet compliance requirements.</span></li><li><span>Monitor audit deliverables to ensure adherence to SLAs, track progress, and request deadline extensions when necessary, maintaining transparency with all stakeholders.</span></li><li><span>Conduct periodic reviews of subscriptions, resource groups, and accounts to verify compliance with provisioning standards. Address auditor inquiries related to access reviews and ensured alignment with established policies.</span></li></ul></div></div> <div class="ms-Stack css-418" style="padding: 30px 0px; font-size: 14px;"><div class="ms-Stack css-418" style="padding: 0px 0px 30px;"><span>Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.</span></div><div><div class="KDE7kZPL_kjXdvl00Oro"><span><i data-icon-name="Medical" role="img" aria-label="Industry leading healthcare" class="ms-Icon root-32 css-567 css-330" style="font-family: FabricMDL2Icons-4;"></i>Industry leading healthcare</span></div><div class="KDE7kZPL_kjXdvl00Oro"><span><i data-icon-name="Education" role="img" aria-label="Educational resources" class="ms-Icon root-32 css-569 css-330" style="font-family: FabricMDL2Icons-1;"></i>Educational resources</span></div><div class="KDE7kZPL_kjXdvl00Oro"><span><i data-icon-name="Tag" role="img" aria-label="Discounts on products and services" class="ms-Icon root-32 css-393 css-330" style="font-family: FabricMDL2Icons;"></i>Discounts on products and services</span></div><div class="KDE7kZPL_kjXdvl00Oro"><span><i data-icon-name="Money" role="img" aria-label="Savings and investments" class="ms-Icon root-32 css-567 css-330" style="font-family: FabricMDL2Icons-4;"></i>Savings and investments</span></div><div class="KDE7kZPL_kjXdvl00Oro"><span><i data-icon-name="ContactHeart" role="img" aria-label="Maternity and paternity leave" class="ms-Icon root-32 css-571 css-330" style="font-family: FabricMDL2Icons-17;"></i>Maternity and paternity leave</span></div><div class="KDE7kZPL_kjXdvl00Oro"><span><i data-icon-name="DateTime2" role="img" aria-label="Generous time away" class="ms-Icon root-32 css-573 css-330" style="font-family: FabricMDL2Icons-3;"></i>Generous time away</span></div><div class="KDE7kZPL_kjXdvl00Oro"><span><i data-icon-name="Heart" role="img" aria-label="Giving programs" class="ms-Icon root-32 css-393 css-330" style="font-family: FabricMDL2Icons;"></i>Giving programs</span></div><div class="KDE7kZPL_kjXdvl00Oro"><span><i data-icon-name="ConnectContacts" role="img" aria-label="Opportunities to network and connect" class="ms-Icon root-32 css-575 css-330" style="font-family: FabricMDL2Icons-8;"></i>Opportunities to network and connect</span></div></div></div>