New job, posted less than a week ago!
Job Details
Posted date: Aug 20, 2025
Category: Governance, Risk, & Compliance
Location: Redmond, WA
Estimated salary: $122,400
Range: $76,800 - $168,000
Employment type: Full-Time
Travel amount: 25.0%
Work location type: Up to 50% work from home
Role: Individual Contributor
Description
If you love the pursuit of excellence and are inspired by the challenges that come through driving innovations that impact how the world lives, works and plays, then we invite you to learn more about Microsoft Business Operations (MBO) - and the value we deliver across Microsoft and to our customers and partners.We offer unique opportunities to work on interesting global projects in an environment that appreciates diversity, focuses on talent development, and recognizes and rewards great work. 
Operational Risk Management professionals enable business strategy through a programmatic and global approach to risk management, by methodologically determining, assessing, managing and establishing accountability for the most critical risks facing the company. Microsoft has a sizable community of talented individuals in dedicated risk management roles who are responsible for making our business objectives more likely to be realized and to protect one of the world’s most valuable brands. Operations is uniquely positioned within the company, supporting almost every product Microsoft offers which presents upstream and downstream dependencies. 
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
 
Governance 
Utilizes knowledge of policies, laws, and regulations to make informed decisions independently, aligning with business needs. May interpret this information to safeguard Microsoft and its customers while advancing the business. Identifies non-conformance issues, escalates them to management, and adheres to program guidelines based on corporate policies.  Determines ownership and accountability for key risks and mitigation activities with minimal guidance.  Continuously reports on risk levels and updates accountability owners on their status.  Assists in presenting risk assessment information, detailing relevant behaviors, activities, processes, and associated risks to ensure stakeholder awareness, support, and approval.   
Controls 
Assesses end-to-end operational processes and dependencies for efficiency and effectiveness opportunities. Recommends process and control improvements (e.g., preventative/detective and automated/manual) to mature the control environment.  Test controls to determine their effectiveness and identifies areas for improvement, offering design adjustment suggestions with minimal guidance.  Collaborates with the team to define controls, identify potential failure points, and ensure routine issues are addressed during the design process with minimal guidance.  Conducts periodic reviews of existing controls to ensure they remain effective and relevant to the current risk environment. Provides feedback on control performance and suggests enhancements to improve efficiency and effectiveness.  Ensures that controls are aligned with industry standards and regulatory requirements, making adjustments as necessary to stay compliant. 
Consult/Advise/Educate 
Collaborates across teams to ensure consistent application and communication of regulations and standards, delivering training and beginning to take ownership of training aspects.  Advises on compliance of products, processes, and programs.  Educates teams on compliance requirements, reviews result, conducts informal assessments, and monitors compliance within specific areas. Translates compliance standards and processes into relatable formats for teams. 
Risk Assessment 
Executes the risk management lifecycle process and method for smaller projects, including data collection and analysis.  Gathers and analyzes relevant internal and external information, threat intelligence reports, and conducts interviews or focus groups to identify risks, assess risk levels, and gather additional context with guidance.  Compiles information to understand job, project, or process risks and their root causes for routine projects.  Scores risks and contributes to risk prioritization using appropriate risk profile scoring. Assists in developing risk scorecards using weighted scores and risk management models with guidance. 
Risk Remediation 
Reviews risk governance to ensure appropriate attention to specific risk areas with minimal guidance. Identifies and escalates concerns related to monitored risks.  Drafts mitigation plans and processes, including risk registers and controls, helping accountability owners understand and implement plans to reduce risk with minimal guidance.  Ensures alignment and agreement on risk reduction plans and processes, confirming accountability owners' capacity to drive mitigation efforts, and introduces necessary policy adjustments with minimal guidance.  Coordinates across accountability owners to ensure proper tracking and trending of risk management activities. 
Qualifications
Required Qualifications 
4+ years experience in Risk Management, Privacy, Security, Compliance, Government Intelligence, Operations, and/or FinanceOR Bachelor's Degree AND 2+ years experience in Risk Management, Privacy, Security, Compliance, Government Intelligence, Operations, and/or FinanceOR equivalent experience1+ Years of experience in Process Improvement and/or Change ManagementPreferred Qualifications 
Bachelor's Degree in Risk Management, Engineering, Government Intelligence, Security, or Information Technology, or related field AND 5+ years experience in Risk Management in the context of Operations, Engineering, Information Technology, Business Analyst, Consulting, Auditing, Privacy, Security, Compliance, Government Intelligence, and/or FinanceOR equivalent experienceMembership with a relevant risk domain area association including: International Association of Privacy Professionals (IAPP), International Information System Security Certification Consortium (ISC)2, and Information Systems Audit and Control Association (ISACA), Certified Internal Auditor (CIA), Society for Corporate Compliance and Ethics (SCCE), Disaster Recovery Institute (DRI), Certified Business Continuity Professional (CBCB), Committee of Sponsoring Organizations of the Treadway Commission (COSO), and Institute of Internal Auditors (IIA)
Risk Management IC3 - The typical base pay range for this role across the U.S. is USD $76,800 - $151,900 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $100,800 - $168,000 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until August 29th, 2025.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form. 
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work. 
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Check out other jobs at Microsoft.