Microsoft Privacy Program Manager 

United States, Washington 

912088757

MCAPS unifies the commercial go-to market organization to accelerate our progress, stay true to the Microsoft mission, and empower our customers, partners, people, and Microsoft’s growth. Within MCAPS, TrIP (Trust and Integrity Protection) defines processes for customers’ data protection including privacy, security, governance, risk, and compliance solutions, and provides guidance and oversight across the MCAPS division. In TrIP, the PACE (Privacy, AI, & Customer Enablement) Team is responsible for Privacy, data protection, and Responsible AI initiatives for the division. The successful candidate will:

• Perform critical activities, including technology privacy reviews, data governance, and projects relating to continuous improvement and response to new challenges.
• Provide subject matter expertise related to the privacy of software and platforms across the MCAPS organization.
• Leverage a risk-based mindset to highlight risks and impacts.
• Possess technical aptitude and operational ability .

• 6+ years’ experience in Risk Management, Privacy, Security, Compliance, Government Intelligence, Operations, Auditing, and/or Finance
  • OR bachelor's degree AND 4+ years’ experience in Risk Management, Privacy, Security, Compliance, Government Intelligence, Operations, Auditing, and/or Finance
  • OR equivalent experience.

Preferred:

• 2+ years’ work experience in program/or software project management.
• CIPP, CIPM, or CIPT qualification or equivalent Privacy certification.
• Demonstrated ability to review privacy applications and platforms and identify compliant mitigation strategies.
• Ability to identify, analyze, and document privacy risk and recommend appropriate mitigation measures.
• Demonstrated ability to incorporate and balance diverse perspectives to address complex business issues.
• Ability to collaborate with other professionals, remove barriers to progress, and lead cross organizational teams to accomplish complex technical objectives.
• Experience with global privacy regulations.
• Understanding of contemporary cloud computing models (IaaS, PaaS, Saas) with emphasis on Microsoft technologies.
• Written/oral communication skills with the desire, and ability to communicate through all levels of the organization.
• Problem-solving skills and ability to think creatively, communicate recommendations, influence change and drive process in extremely dynamic environments.
• Ability to create structure and respond flexibly in complex, ambiguous, and time sensitive situations.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until July 31, 2024.

Privacy reviews and risk mitigation

• Conduct in-depth privacy assessments on technology assets to ensure compliance with the Microsoft standards (including the Microsoft Privacy Standard), and proactively identify and interpret privacy risks, with a particular emphasis on systemic risks. Collaborate with SMEs to thoroughly document risks and recommend effective mitigations. Follow through to ensure implementation of mitigations.
• Facilitate completion and maintenance of Data Protection Impact Assessments (DPIA) and Records of Processing Activities (ROPA).
• Promptly respond to stakeholder requests for guidance on data protection matters including collaborating with other domain SMEs across TrIP on the more complex enquiries. Using a risk-based approach, clearly document and communicate guidance, including restrictions or conditions, back to the requestor. Create and maintain a library of guidance documentation to enable stakeholder self-service of frequent requests.
• Investigate and make recommendations on the use of technology, including Purview and Priva, and other automation opportunities to reduce the burden of compliance on the business and further mitigate risks.

Lead Privacy projects

• The Privacy Program Manager is expected to manage projects and/or programs with direct impact on the success of key company strategic objectives, including MCAPS compliance with upcoming regulations (e.g., the EU AI Act, India DPDP, and others).
• Partner with cross organizational teams, including Legal, MCAPS business teams, and Engineering, to undertake projects to foster continuous improvement in risk reduction practices in MCAPS.

Deliver results through teamwork

• Effectively collaborate with team members across TrIP to ensure alignment on data protection best practices, tools, and implementation.
• Build and nurture positive working relationships with stakeholders and leadership and be engaged as a trusted advisor.

Embody our and .