Compliance Program Manager
Redmond, Washington
December 11, 2017
Universal Store (UST) is Microsoft’s center for the payment processing, ecommerce, and monetization of Microsoft’s online products and services. Being at the financial heart of Microsoft’s online and cloud transition, the Microsoft Universal Store is subject to complex security, privacy, financial, and regulatory requirements. The Store processes hundreds of millions of online purchase transactions every year.

The UST Compliance Program Manager is committed to ensuring UST teams are efficient and effective in meeting our audit, attest, and certification requirements. UST increasingly needs to obtain certifications and attestations from external parties to demonstrate adherence to accepted audit and industry standards. In support of these current and expanding compliance needs, we are seeking a strong and seasoned program manager to build and grow our compliance program management office.

You will be an energetic self-starter joining our Store governance, risk, and compliance team to define and build compliance roadmaps and assist UST teams in onboarding to these programs to attain needed certifications and attestations. Additionally, you will assist these teams during the audit process to drive efficient auditor/UST work.

This position is responsible for supporting UST engineering and business operations teams in developing and improving our compliance program. This includes providing compliance consulting, crafting audit, attestation, & certification standards/procedures/FAQs, creating self-service processes to drive efficiency, as well as working with other company product and service groups to align compliance requirements and ensure UST teams and their service meet internal and contractual requirements/expectations.

The UST Compliance Manager will have a range of responsibilities and requirements:

•Results-oriented, determined, and experienced program manager with a good understanding of one or more of the following audits/certifications/attestations: SOC1, SOC2, ISO27001/18/34, EUMC, HIPAA, and/or FedRAMP.

•Knowledge of SOX and PCI a plus.

•Ability to work with engineering teams to build in requirements and define/develop compliant requirements within current and future services and products.

•Collaborate across UST, as well as with our division peers and other company compliance teams to build an efficient and effective compliance management program that ensures compliance boundaries are properly set for UST services.

•Maintain mechanisms to understand compliance management practices required across the businesses and services we support.

•Evangelize UST’s compliance strategy and solutions throughout all Universal Store teams.

•Manage all aspects of the compliance audit process including: controls testing and validation, gap remediation, quality monitoring, program governance, controls tracking, control and process updates, scope definition and audit planning, audit liaison for UST team and independent auditors, post-audit evaluation/lessons learned, and continuous improvement programs to drive efficiency of compliance program work.

•Develop tooling, automation, and self-service processes for internal teams to better comply with compliance controls and audit requirements including use of controls libraries, controls automation, and listening/reporting systems.

•Develop and deliver compliance training for new teams onboarding to the compliance program, as well as ongoing training for existing teams.

•Develop and enhance systems, tools, and processes to ensure compliance with standards and practices; work as the SME to enhance the compliance program as audit/certification/attest standards change or evolve.

•Manage and enhance internal documentation and evidence of compliance for UST.

•Work collaboratively across a broad spectrum of Microsoft employees, vendors, technologies, products, and services.

•Strong organizational skills and ability to manage multiple projects, able to work both independently and as part of a project team in a fast-paced environment.

•Able to own a program/project and confidently drive requirements across teams with multiple stakeholders.

•Specific experience managing or leading compliance audits or certifications within a business or team.

•BA or BS in technology, business or related field is required; relevant finance, audit, IT, or risk certification(s) desired.

•3+ years PM experience or equivalent with at least 1-2 years with audit/certification/attestation leadership.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to

A little about us:
Microsoft offers training and employment opportunities to help you turn your military experience and skills into a civilian technology career.
