Overview:

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.

The Customer Security Management Office (CSMO), within the Office of the Chief Information Security Officer (OCISO), is responsible for building trust and transparency with customers and other stakeholders regarding Microsoft’s security posture, practices, and response to cybersecurity issues and incidents.

We are seeking a Senior Director to re envision how Microsoft communicates externally about cybersecurity issues and incidents and to strengthen the internal systems that enable those communications. This role will focus on the communications architecture, workflows, and execution that translate complex security activity into clear, credible, and consistent external engagement.

The successful candidate will be a systems thinker and senior operator – someone who can understand complex, highly matrixed workflows; identify the most important leverage points across signal, process, and stakeholders; and make the organization operate more effectively during critical moments. While deeply partnered with security, engineering, legal, and policy teams that own technical and operational decisions, this role is accountable for how Microsoft’s cybersecurity story is shaped, coordinated, and delivered externally.

This is a highly visible leadership role that works closely with senior executives and external stakeholders and plays a critical part in protecting and strengthening customer trust.

• Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities:

• Architect and evolve the cybersecurity communications system

• Evolve the vision, scope, and operating model for how Microsoft communicates externally with customers on cybersecurity issues.

• Design pragmatic, scalable processes that enable clarity, speed, and consistency across complex, cross functional workflows.

• Identify bottlenecks, friction points, and signal loss across teams, and implement targeted improvements that increase effectiveness without unnecessary overhead.

• Lead execution during high-risk moments

• Orchestrate cross functional v teams spanning security, engineering, communications, legal, and others to develop and deliver external communications during high visibility cybersecurity events.

• Ensure that technical context, timelines, and constraints provided by subject matter owners are accurately reflected and clearly translated for external audiences.

• Partner with executives to ensure readiness for external engagement, including briefings, messaging frameworks, and supporting materials.

• Shape communications with contextual awareness

• Maintain awareness of regulatory and government expectations and feedback related to Microsoft’s cybersecurity communications, incorporating that signal into strategy and execution.

• Contribute thought leadership on cybersecurity transparency and engagement that strengthens Microsoft’s credibility as a trusted partner.

• Build durable capability and team strength

• Develop and maintain playbooks, SOPs, and decision frameworks that enable consistent, high quality execution across scenarios.

• Define and implement measures to evaluate program effectiveness and continuously improve how the communications system performs.

• Build and lead a team capable of orchestrating external communications for the highest risk and highest visibility cybersecurity issues facing Microsoft.

Qualifications:

Required/minimum qualifications

• 10+ years experience in program management and/or digital content publishing and managementOR equivalent experience.
• 5+ years people management experience.

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

• Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
• This role will require access to information that is controlled for export under export control regulations, potentially under the U.S. International Traffic in Arms Regulations or Export Administration Regulations, the EU Dual Use Regulation, and/or other export control regulations. As a condition of employment, the successful candidate will be required to provide either proof of their country of citizenship or proof of their U.S. permanent residency or other protected status (e.g., under 8 U.S.C. 1324b(a)(3)) for assessment of eligibility to access the export controlled information. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport. Lawful permanent residents, refugees, and asylees may verify status using other documents, where applicable.

Preferred Qualifications: - 5+ years of experience in cybersecurity.

• 5+ years of experience advising on, supporting, or contributing to cybersecurity incident-related external communications to U.S. or foreign government agencies and/or regulators
• 5+ years of experience effectively interact with stakeholders at all levels of the organization,working directly with incident response leaders, investigators, and teams.
• 5+ experience working directly with senior cybersecurity sales executives, research team and cybersecurity sales teams
• Active U.S. government security clearance.
• A track record of delivering complex projects and developing consensus with a variety of internal stakeholders that have high external visibility or PR implications.

Content Program Management M6 - The typical base pay range for this role across the U.S. is USD $163,000 - $296,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $220,800 - $331,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.