Massachusetts Veterans Jobs

MassHire JobQuest Logo

Job Information

Microsoft Corporation Senior Risk Manager Cybersecurity in Cambridge, Massachusetts

Are you interested in enhancing one of the most exciting products in Microsoft, passionate about exceeding customer expectations and advancing Microsoft's cloud first strategy?

The Azure Hardware Systems & Infrastructure Organization’s (AHSI) Security, Risk & Compliance team is building an architecture and validation program to drive world class security, sustainability, and resilience of our Azure infrastructure.

We are looking for a Senior Risk Manager – Cyber & IT. The Senior Risk Manager – Cyber & IT will, in conjunction with the team, drive the progression of the risk baseline for Azure hardware and systems.

You must have the ability to think strategically at a global level and effectively develop key processes, procedures and communications that facilitate cross-functional implementation of compliance processes and risk reporting. An experienced and motivated risk and compliance individual contributor is needed to work across a matrixed team in place today and growing in the future. The successful candidate has a track record of developing strong relationships, collaborating across teams, coordinating multiple timelines, and managing complex, cross discipline projects.

Responsibilities

  • Drive initiatives tied to Supplier Security across various business teams that deal with information technology

  • Manage incidents in Azure cyber supply chain at third-parties

  • Partner with business groups to manage security requirements at third-party locations

  • Meet with stakeholders to gather and integrate feedback and evangelize the program

  • Create metrics and measure progress and compliance

  • Author case-studies or whitepapers highlighting gaps, lessons learned, and recommendations

  • Provide supply chain security assessment remediation oversight.

Qualifications

  • 5 years minimum in a Cybersecurity, Risk Management, Supply Chain security, or related role

  • BS/BA in Electrical Engineering, Cybersecurity, Computer Science, Physics or related field or equivalent work experience

  • Strong written/oral communication skills required, along with desire and ability to communicate with business and engineering teams through all levels of the organization

Qualification - Preferred

  • Familiarity with Cyber Risk Management concepts and controls (e.g. US NIST 800-171, US NIST 800-53, ISO 27000 series, SOC 2, CIS Controls)

  • Familiarity with Data Privacy and data removal standards (e.g. NIST 800-88)

  • Experience with security audits, mitigation plans and driving operational improvements

  • Strong written/oral communication skills required, along with desire and ability to communicate with business and engineering teams through all levels of the organization

  • Ability to partner with engineering and business teams to build credibility and trust while driving alignment around common strategy

  • Proven capability to make quick, thoughtful, and defensible decisions from a position of ambiguity

  • Experience with information technology and products and cloud environments

  • CISSP, CCSP, CEH, CISA CRISA or similar, related certification

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form (https://careers.microsoft.com/us/en/accommodationrequest) .

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

DirectEmployers