Job Details
Posted date: Aug 04, 2025
Category: Governance, Risk, & Compliance
Location: Washington D.C., District of Columbia
Estimated salary: $151,450
Range: $96,500 - $206,400
Employment type: Full-Time
Travel amount: 25.0%
Work location type: Up to 100% work from home
Role: Individual Contributor
Description
Do you see yourself as subject matter expert for enabling privacy of software/platforms for Microsoft’s Federal program? Do you care about collaborating, networking, and evangelizing the future state of data privacy in the era of AI? Privacy, Resilience, Incident Response & Management, Accessibility (PRIMA) team is looking for a Privacy Risk Manager to undertake privacy assessment and mitigation activities, including platform privacy reviews to support the compliant deployment of applications for the MCAPS (Microsoft Commercial and Partner Solutions (MCAPS) Division Federal program.We are seeking a Privacy Risk Manager to join our team.
MCAPS unifies the commercial go-to market organization to accelerate our progress, stay true to the Microsoft mission, and empower our customers, partners, people, and Microsoft’s growth. Within MCAPS, TrIP (Trust and Integrity Protection) defines processes for customers’ data protection including privacy, security, governance, risk, and compliance solutions, and provides guidance and oversight across the MCAPS division. In TrIP, the PRIMA Team is responsible for Privacy, data protection, Accessibility, Incident Response and Business Resiliency initiatives for the division. The successful candidate will:
Perform critical activities, including technology privacy reviews.Respond to stakeholder queries on more complex privacy matters.Leverage a risk-based mindset to highlight risks and impacts.Possess technical aptitude and operational ability.Proficiency in program and project management, the ability to influence without authority, comfortability working in ambiguous and rapidly changing ecosystems, and clearly communicating the impact and scope of your work to partners and leadership are critical to success in this role.
Our team values collaboration and proactive knowledge sharing to help support the entire team's growth. You will be expected to model Microsoft values and the One Microsoft culture in your behaviors and actions.
Privacy risk mitigation
Conduct in-depth privacy assessments on technology assets to ensure compliance with the Microsoft standards (including the Microsoft Privacy Standard) and contractual requirements, and proactively identify and interpret privacy risks, with a particular emphasis on systemic risks.Collaborate with subject matter experts (SMEs) to thoroughly document risks and recommend effective mitigations. Follow through to ensure implementation of mitigations.Promptly respond to stakeholder requests for guidance on data protection matters including collaborating with other domain SMEs across TrIP on the more complex enquiries. Using a risk-based approach, clearly document and communicate guidance, including restrictions or conditions, back to the requestor.Create and maintain a library of guidance documentation to enable stakeholder self-service of frequent requests.Stakeholder management
Establish and maintain relationships with stakeholders from the Federal program as a trusted advisor.Independently present risk assessment information, detailing relevant behaviors, activities, or processes, and the associated risks to ensure awareness and support. Explain risk-related terms and concerns, connecting them to appropriate business areas.Surface risk insights on resource prioritization, root causes, risk identification, and top risk-related mitigations in relevant compliance forums.Collaborate with stakeholders to determine the best course of action and oversee implementation of controls.Controls and Data governance
Review US Federal government data protection requirements and contracts to ensure obligations are understood.Partner with the business to understand Federal offerings and ensure the necessary controls are in place to confirm compliance with those obligations.Where gaps are identified, create and implement the necessary controls.Create authoritative documentation and guidelines for managing Federal data.Approve all data access requests to Covered Unclassified Information to ensure appropriate access and use.Deliver results through teamwork
Effectively collaborate with team members across TrIP, particularly the Responsible AI and Security teams, to ensure alignment on data protection best practices, tools, and implementation.Collaborate with other privacy groups where responsibility overlap is present and provide a seamless experience for the stakeholders.
Qualifications
Required QualificationsBachelor's Degree AND 4+ years experience in risk management, privacy, security, compliance, government intelligence, operations, and/or finance OR 6+ years experience in risk management, privacy, security, compliance, government intelligence, operations, and/or finance OR equivalent experience.Understanding of U.S government data protection requirements for controlled unclassified information (CUI) and experience with working with appropriate standards such as NIST 800-171.Other Qualifications:
Citizenship & Citizenship Verification: This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customer and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport, or other approved documents, or verified US government Clearance.Additional or Preferred
2+ years’ work experience in program/or software project management.IAPP CIPP, CIPM, or CIPT, or AIGC qualification or equivalent Privacy certification.Understanding of current developments in AI and the responsible use of AI.Demonstrated ability to review applications and platforms and identify compliant mitigation strategies for privacy.Understanding of the impact of AI on data privacy.Demonstrated ability to incorporate and balance diverse perspectives to address complex business issues. Ability to collaborate with other professionals, remove barriers to progress, and lead cross organizational teams to accomplish complex technical objectives. Understanding of contemporary cloud computing models (IaaS, PaaS, Saas) with emphasis on Microsoft technologies.Written/oral communication skills with the desire, and ability to communicate through all levels of the organization.Problem-solving skills and ability to think creatively, communicate recommendations, influence change and drive process in extremely dynamic environments.Ability to create structure and respond flexibly in complex, ambiguous, and time sensitive situations.Risk Management IC4 - The typical base pay range for this role across the U.S. is USD $96,500 - $188,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $123,500 - $206,400 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until August 9, 2025.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
#AITjobs
Check out other jobs at Microsoft.