Compliance Manager

$91,800 - $178,800
Posted Apr 25
Full Time

As part of the Compliance team, the Compliance Manager for Third Party Risk Management (TPRM) plays a critical role in ensuring the security, reliability, and integrity of our datacenter lifecycle. The role is designed for a visionary professional who can excel in building from the ground up, while focusing on the comprehensive identification, management, and mitigation of risks associated with our data center supply chain. This may include suppliers, contractors, and service providers. The ideal candidate will bring a strategic mindset to developing policies, processes, and controls that align with industry best practices and regulatory requirements, ensuring the resiliency and integrity of our data center operations.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities

  • Program Development: Design and implement a comprehensive TPRM framework tailored to the unique needs of a datacenter organization. This includes developing policies, procedures, key performance indicators, and controls for managing risks related to third-party suppliers, contractors, and service providers.
  • Strategic Planning: Lead strategic planning efforts to identify key risk areas within the identification and performance of datacenter supply chains, setting priorities for assessment, mitigation, and monitoring activities. Develop a roadmap for the program’s growth and evolution, ensuring alignment with business objectives and compliance requirements.
  • Stakeholder Engagement: Engage with key internal and external stakeholders to establish and communicate the TPRM program’s objectives, deliverables, and timelines. Foster relationships with program leads to ensure alignment with overall business strategy and risk appetite.
  • Supplier Risk Assessment: Establish a standardized process for conducting risk assessments of third-party suppliers. Ensure comprehensive due diligence is conducted for all new and existing third-party relationships.
  • Compliance & Regulatory Alignment: Ensure the TPRM program complies with relevant industry standards, regulatory requirements, and best practices. Regularly review and update the program to adapt to changes in the regulatory landscape or business operations.
  • Education & Training: Develop and deliver training programs to educate employees on third-party risk management principles, policies, and procedures. Promote a culture of risk awareness and compliance throughout the organization.
  • Continuous Improvement: Implement a continuous improvement process for the TPRM program, incorporating feedback from audits, incident responses, and stakeholder input to enhance effectiveness and efficiency.
  • Embody our Culture and Values.

Qualifications

Required Qualifications:

  • Bachelor's Degree in Science, Business, Engineering, or related field AND 4+ years experience in business, legal/regulatory, compliance, audit/consulting firm
  • OR equivalent experience.

Preferred Qualifications:

  • Advanced degree in Business, Finance, Law, Information Technology, or a related field, with professional certifications (e.g. CISA, CRISC, CISSP, CCPE) highly preferred.
  • Minimum of 7 years experience in risk management, compliance, or a similar field, with at least 3 years focused on program development or strategic planning.
  • Demonstrated experience in building and scaling risk management or compliance programs, ideally within a data center or technology-focused environment.
  • Deep understanding of the datacenter ecosystem and the associated third-party risk landscape.
  • Proven ability to lead strategic initiatives, engage with senior stakeholders, and drive cross-function collaboration.
  • Analytical, project management, and communication skills.

Compliance IC4 - The typical base pay range for this role across the U.S. is USD $91,800 - $178,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $117,900 - $195,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay.

Microsoft will accept applications for the role until May 5, 2024.

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.