Director Supplier Trust & Compliance

Successful business relationships are built on trust and shared values – this is an opportunity to lead a team as our Director Supplier Trust & Compliance that programmatically helps Microsoft suppliers understand our values and data protection expectations. We hold suppliers to Privacy, Security and Responsible AI standards that consider cybersecurity risk, regulatory obligations, data subject rights to name a few -- contributing to our company reputation, “Microsoft runs on Trust’. 

The Microsoft Supplier Security and Privacy Assurance (SSPA) program is a corporate control that sets requirements for our global suppliers and drives compliance to these standards. This is an opportunity to lead a team paying equal attention to enabling an innovative operation and securing high quality compliance due diligence records to provide assurance to the company while also serving auditors executing different types of audits, certifications and regulatory inquiries.

This role requires a skilled executive communicator who can effectively engage with leaders and peers across procurement, business functions and external companies. You are adept at conveying Privacy, Security, and Responsible AI policy positions with confidence and can reframe your arguments on the fly to ensure understanding and compliance. You handle difficult conversations with ease and can model and coach these communication skills to further develop your team. Your agility allows you to adapt quickly to changing circumstances and reframe positions for different target audiences.

You will partner with risk domain stakeholder leaders to understand priorities and be adept at anticipating directional changes considering near term and horizon scanning. You will need to provide strategic leadership, understanding the breadth and depth of supplier interactions across Microsoft to ensure the team builds and then maintains a viable baseline of due diligence that suppliers can pragmatically attain as they provide services on behalf of Microsoft.

You will manage relationships effectively, fostering collaboration and enhancing peer review practices to achieve well-balanced compliance decisions. Your ability to clarify problem statements, make strategic recommendations, and drive progress will be crucial in delivering timely and impactful results.

It’s an exciting time at Microsoft – you will lead the team with a growth mindset, encouraging them to think big, experiment, pilot, and re-iterate and embed into business processes. You will focus on systems thinking, building and integrating processes to drive optimization across procurement and the company. Your leadership will support our suppliers in becoming regulation-ready with foundational security practices to deliver high-quality outcomes.

Qualifications

Required/Minimum Qualifications:

• Bachelors Degree in Science, Business, Engineering, or related field AND 8+ years experience in business, legal/regulatory, compliance, audit/consulting firm
  • OR equivalent experience.
• Certified Information Systems Security Professional (CISSP) certification OR an International Association of Privacy Professionals (IAPP) Privacy Professional certification OR American Institute of Certified Public Accountants (AICPA) qualified auditor is required.

Compliance M6 - The typical base pay range for this role across the U.S. is USD $129,200 - $273,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $162,000 - $299,400 per year.

Microsoft will accept applications for the role until January 29, 2025.

Responsibilities

• Uphold program integrity and standards as the Compliance Director, ensuring that privacy, security and responsible AI principles are at the forefront as you support Procurement colleagues business engagements.
• Lead the team to deliver on the Corporate control compliance remit, balancing business expediency with expected compliance outcomes.
• Ensure our operating standards maintain ongoing green audit reports from Internal Audit, regulatory inquiries, customer audits and Microsoft ability to successfully attain International Orgnization for Standardization (ISO) certifications and Service Organizational Control (SOC 2) reports.
• Lead the team to examine existing operating guardrails, always considering effectiveness and whether changes are warranted.
• Provide thought leadership to enterprise stakeholder risk domain leaders and as we align leaders on the broad and critical role suppliers play to support Microsoft products, datacenters, sales, marketing and corporate functions so that well-considered policies are developed.
• Define and align leaders around revisions to controls based on policy updates, clarify tradeoffs to balance operational recommendations based on priorities, accountabilities. Evaluate proposed changes as the team converts policy directives into reasonable supplier standards containing operational impacts.
• Drive customer support service improvements that increase satisfaction scores without compromising the compliance remit.
• Participate and provide your thought leadership in efforts to streamline the end-to-end buying process , adding your compliance control mindset to discussions.
• As an agile leader you will be accountable to enable supplier security, privacy and responsible AI compliance, while also delivering on our strategic priorities: increase turn around time, secure our future, unlock operational leverage though operational excellence.