Overview:

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.

Within Core Security in the CISO organization, leaders drive security outcomes across multiple domains, including corporate security, third-party and vendor ecosystems, business and partner solutions, regulated environments, and M&A. Each domain has distinct systems, priorities, and risk landscapes, which creates a complex operating environment.
Security signals exist across these areas, but they are often fragmented.

As a result, it can be difficult to identify emerging security risk early, understand true execution health, and intervene before issues escalate. The challenge is turning these signals into trusted, decision ready insight and then converting that insight into action. As a Principal Technical Program Manager, you will reduce security blind spots and execution drift by transforming fragmented security signals into clear, actionable recommendations. You will partner closely with senior security leaders and Deputy CISOs across Core Security to accelerate information flow, assess execution health, and remove blockers that prevent critical initiatives from delivering meaningful risk reduction. This role is ideal for someone who thrives in ambiguity and operates comfortably across complex problem spaces and executive decision-making. You are energized by building durable operating mechanisms that scale and drive real action, not just awareness.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities:

• You will define and drive the operating mechanisms that enable Core Security leaders, including Deputy CISOs and Operating CISO, to understand, monitor, and actively manage risk posture and execution health across domains, and ensure issues translate into action.
• Define and drive a cross-domain program that delivers consistent, decision ready visibility for executive leadership, including CISO-level reporting, by analyzing complex security programs to surface risks, execution gaps and provides recommendations with clear prioritization.
• Design, implement, and operate a durable rhythm of business through comprehensive security metrics and reporting program (including State of the Union documents, dashboard, trend reviews, and resource allocation reviews) that support leadership decision-making, sets maturity expectations, measures executive health, and ensures follow-through.
• Act as an opinionated, trusted, and data-driven partner to engineering and security SMEs by shaping solution options for emerging risks and delivery gaps, providing clear recommendations and tradeoffs, reviewing proposals where needed, and driving decisions that reduce risk and deliver measurable outcomes.
• Lead cross team dependency, risk, and tradeoff management by identifying shared failure modes and execution drift, driving alignment, and escalating to leadership with clear context and recommended actions when progress or posture is at risk.
• Create and maintain executive ready reports, dashboards, and briefings that translate complex signals, including incidents, SFI metrics, risks, assessments, and delivery plans, into synthesized views of enterprise security posture, risk trends, and execution health to enable CISO-level decision making.
• Lead and influence the execution of enterprise-wide security initiatives, aligning cross functional stakeholders to deliver measurable outcomes in risk reduction, operational resilience, and execution predictability, and stepping in as needed to drive progress, resolve gaps, and sustain momentum through influence and pragmatic problem solving.
• Continuously improve signal quality and operating effectiveness by defining standards for risk representation and execution health, pressure-testing insights against outcomes, and iterating mechanisms based on outcomes and lessons learned to drive better results.

Qualifications:

• Bachelor's Degree AND 6+ years experience in engineering, product/technical program management, data analysis, or product development OR equivalent experience.

Prefered Qualifications

• 3+ years of experience managing cross-functional and/or cross-team projects.

• Experience managing dependencies, risks, and tradeoffs across multiple teams, including driving escalation and course correction when delivery is at risk.

• Experience influencing without authority to align stakeholders, resolve conflicts, and deliver outcomes in ambiguous, cross organizational environments.

• Experience working in security, privacy, risk, or compliance domains, including partnering with security or engineering teams to drive risk reduction and secure outcomes.

• Bachelor's Degree AND 10+ years experience engineering, product/technical program management, data analysis, or product development OR equivalent experience.

• 8+ years of experience managing cross-functional and/or cross-team projects.

• 1+ year(s) of experience reading and/or writing code (e.g., sample documentation, product demos).

• Experience with collecting, analyzing, and reporting security metrics using data querying and visualization tools.

• Experience with risk management, threat modeling, and/or security incidents.

• Experience delivering executive and/or CISO-level reporting and driving decision making at a senior leadership level.

Technical Program Management IC5 - The typical base pay range for this role across the U.S. is USD $139,900 - $274,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000 - $304,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.