Microsoft Senior Supply Chain Security Program Manager 

United States, Washington 

630015982

Required Qualifications:

• 4+ years experience in Security Program or Program Management or related field.

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

• Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications

• Bachelor's Degree in Business Risks, or related field AND 8+ years experience in Security Program or Program Management
  • OR equivalent experience.
• Certified Protection Professional (CPP) or equivalent Protection certification
  • OR Physical Security Professional (PSP)
  • OR equivalent Physical Security Certification.

Find additional benefits and pay information here:Microsoft will accept applications for the role until January 2, 2025.

• Anticipates and addresses security threats by gathering, analyzing, and evaluating information about existing or potential threats to determine the likelihood of Microsoft hardware or hardware suppliers being targeted. Monitors and manages the development of current, emerging, and evolving threats that could have an impact. Identifies and addresses assets or operations where security is inadequate and could be exploited by a threat. Evaluates geopolitical activities and events, synthesizing key intelligence to inform internal and external stakeholders or employees of potential threats. Informs, escalates, and manages risks to the appropriate teams.
• Identifies and interprets security risks. Select, implements, and manages measures to mitigate identified risks. Develop strategies and methods to measure the effectiveness of these actions. Drafts mitigation plans and processes, including appropriate risk registers and controls, and helps accountable owners understand and implement these plans. Ensures alignment and agreement with risk reduction plans and processes, and that accountable owners have the capacity to drive the mitigation plan independently. Holds accountable owners responsible for reducing risk and coordinates across different teams to ensure proper tracking and trending.
• Designs, implements, and monitors controls to treat risks. Monitors and manages the effectiveness of measures taken to modify risks. Monitors and manages the security aspects of assets/projects throughout the asset or project lifecycle. Participate in discussions to develop plans of action and milestones to track and mitigate risks.
• Performs analysis to detect advanced security threats, alerts, or risks. Leverages data to deliver actionable insights and drive our threat management and security risk management strategy.
• Contributes to the development of the risk assessment model. Obtains the appropriate datasets internally or externally to ingest into the risk assessment model. Determines what information is needed and how the information is applied in the model independently. Builds and sustains analytical models. Ensures appropriate data is available. Identifies the correct methodology and framework for risk modeling independently. Leverages the appropriate datasets and up-to-date risk methodologies, determines critical information to include in the model(s), and makes in-depth recommendations to update the model, as necessary. Leadership
• Develops public, private, and supplier partnerships. Engages with the stakeholders and communicates risk assessment findings. Coordinates activities with stakeholders as appropriate.
• Consults stakeholders to provide security capabilities. Collaborates with teams to implement risk management frameworks for identifying and controlling security risks across the CSCP Universe of Risks. Anticipates and addresses global security disruption to drive decision-makers in mitigating risks and responding to residual risks. Summarizes and reports risk analysis findings to internal and external stakeholders and leaders. Advises on strategy to mitigate and respond to residual risks based on its team's anticipation of global and physical disruption.
• Facilitate discussions with internal and external program leaders to establish a strategic vision and service model to improve security operations. Communicates security-related strategy to the respective suppliers and internal stakeholders. Identifies innovation and technology improvements and contributes to the development of new security delivery-related applications and processes. Develops strategy to mitigate and respond to residual risks based on its team's anticipation of global and physical disruption.
• Other
  • Embody ourand