New job, posted less than a week ago!
Job Details
Posted date: Aug 14, 2025
Category: Legal & Corporate Affairs
Location: Redmond, WA
Estimated salary: $164,550
Range: $105,800 - $223,300
Employment type: Full-Time
Travel amount: 25.0%
Work location type: Microsoft on-site only
Role: Individual Contributor
Description
At Microsoft, security is our top priority. Our services and products are considered critical infrastructure, and we are entrusted to protect the data of our customers around the world. Both the global cybersecurity threat landscape and regulatory landscape are rapidly changing, and to meet the challenge, we must continuously evolve to protect our products and services, as well as meet regulatory requirements.The Senior Cybersecurity Standards Professional sits within the Corporate Standards Group (CSG), a global organization reporting out of Microsoft’s headquarters in Redmond, WA in the United States. The role is part of a globally distributed team comprised of standards, certification, and other technical professionals. CSG partners closely with engineering and business groups, policy, legal and government affairs teams, and others as appropriate to drive standards and certification-related outcomes supporting Microsoft’s business.
The role
Cybersecurity expertise is highly valued, including knowledge of current and emerging cybersecurity technologies, trends and techniques. We value familiarity with Microsoft technology, our customers’ and partners’ needs, and the regulatory landscape related to cybersecurity.
The person in this role will engage with international standards organizations as well as other multi-stakeholder, consensus-driven groups focused on cybersecurity. They will effectively represent Microsoft with clarity, credibility and leadership on a complex set of issues with a wide range of geographically distributed stakeholders, both internally and externally. They will also engage in public policy, intellectual property, and business strategy. The role requires working in a cross-domain fashion, across areas such as privacy, AI, data and platforms. They will be expected to establish a network across Microsoft to ensure that standards are developed to align to and meet the needs of the business.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Develop cybersecurity standards and strategies that align to and meet the needs of the business, including regulatory considerations. Execute defined strategies through deep engagement in diverse technical, policy and standards-focused organizations such as: International Organization for Standardization (ISO)International Electrotechnical Commission (IEC)National Institute of Standards and Technology (NIST)Create technical contributions to cybersecurity standards. Effectively represent Microsoft at both the technical and governance level of the relevant organizations and constructively contributes to specifications under consideration by those bodies. Maintain effective and collaborative relationships with other participants and leaders within the organizations in which Microsoft participates. Work with industry partners, government bodies, enterprise customers, civil society, and academics to find common ground and opportunities for collaboration in the development and implementation of cybersecurity standards. Work across technical domains to ensure that cybersecurity standards include measures to efficiently protect across services, data uses and technologies. Facilitate alignment and collaboration with intra-group and/or cross-group projects and encourage accountability through project management approaches. Collaborate with internal stakeholders (legal, policy, engineering teams) to understand and align objectives, priorities, and resources around cybersecurity standards strategy, including key policy and technical issues. Work with product groups/engineering groups/feature groups to drive new content into standards and to provide awareness where standards are being developed for compliance purposes. Embody our culture and values
Qualifications
Required/Minimum QualificationsBachelor's Degree in Computer Science, Cybersecurity or Engineering or related field AND 4+ years work experience in cybersecurity engineering, product or technical program management of cybersecurity domain, technical sales or relevant cybersecurity subject matter. OR equivalent experience4+ years experience implementing, developing, or using cybersecurity technologies and techniques.Additional or Preferred Qualifications
Experience implementing, developing, or using the following cybersecurity technologies and techniques:Threat modelling Red teaming Network security operations Secure software development Supply chain security Identity management Encryption and key management Incident managementThreat and vulnerability managementExperience implementing, using, or developing cybersecurity standards and/or regulations and requirements (e.g., ISO/IEC 27001/02, NIST Special Publication 800-53, Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPPA), etc.)Experience with cybersecurity in emerging technologies (e.g., AI). Experience managing open-source security risks. Technical experience in Information and Communication technology (ICT), including how complex software systems are built, deployed and used; and programming experience in online and distributed systems. Experience in standards setting (or similar consensus-driven processes), including technical engagement activities with diverse stakeholders. Experience in audit, certification, and conformity assessment such as SOX, ISO/IEC 27001, NIST 800-53, HIPPA, etc. Expertise in other areas of technical regulation such as privacy, artificial intelligence, data flow and distributed systems.
Government Affairs IC4 - The typical base pay range for this role across the U.S. is USD $105,800 - $204,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $136,200 - $223,300 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until August 28th, 2025.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
#CELA
Check out other jobs at Microsoft.