"Alerted.org

The **Data Center Supply Chain Risk Manager** is responsible for developing and managing a risk-based, outcome-focused audit program covering specific enterprise risks areas within Microsoft. If you love working with a team of high-powered performers, cutting edge technology, and solving complex technology and business problems, we want you on the team. We need passionate, self-motivated, big picture thinkers, who can work across Microsoft’s organization boundaries to ensure our Internal Audit plans are risk based, thorough and relevant year over year.

Responsibilities

+ Own the ongoing risk definition, prioritization, and Audit coverage plan/Risk universe view of audit coverage as well as documented tradeoffs where applicable.

+ Analyze risk trends to the specific assigned areas of the company to contribute to the annual plan by identifying trends and potential blind spots for leadership and the Board of Directors. For example, managing a risk portfolio by completing planning and risk assessment, according to professional standards of the IIA (Institute of Internal Auditors) and relevant industry or regulatory standard.

+ Contribute to annual program and project planning, by partnering with other program managers and stakeholders from the assigned areas of the company to ensure that key risks will be addressed in the upcoming plan. For example, obtaining and analyzing business information to contribute to the annual audit plan and complete individual project planning.

+ Ensure that prioritized projects focus on specific key risks to Microsoft in a consistent methodical approach.

+ Leverage internal partnerships and networks to maximize the achievement of business goals and increase business acumen. For example, coordinating with stakeholders and subject matter experts across the company to understand business objectives and areas of risk.

+ Influence management as a trusted advisor to clarify risks to their business and where there may be potential blind spots. For example, providing clarification on risks to the business identified during the audit.

+ Ensure clear and concise audit reporting of risks tested during the audit. Analyze and advise management on whether their planned actions will mitigate identified risks. For example, reviewing audit reports and management responses. Reviewing team's audit findings and report to provide comments on quality against audit objectives when needed.

+ Report clear and concise analysis of all audit results to identify trends and blind spots for the leadership and the Board of Directors. For example, drafting the quarterly audit reports for the Audit Committee.

+ Build business acumen, foster inclusive culture, and risk mindset for the lead and audit team. For example, providing actionable insight and coaching through feedback.

+ Embody Microsoft Values and “One Microsoft,” while embracing a growth mindset and driving impact. Champion an inclusive and collaborative workplace where everyone can be their best.

+ Raise the technical knowledge of self and the group on assigned risk areas through training and continuous professional development.

Qualifications

Required/minimum qualifications:

+ Bachelor's Degree AND 4+ years experience in engineering, product/technical program management, data analysis, or product development

+ OR equivalent experience.

+ 2+ years of experience managing cross-functional and/or cross-team projects.

Additional or preferred qualifications:

+ Bachelor's Degree AND 8+ years experience in engineering, product/technical program management, data analysis, or product development

+ OR equivalent experience.

+ 6+ years of experience managing cross-functional and/or cross-team projects.

+ 1+ year(s) of experience reading and/or writing code (e.g., sample documentation, product demos).

• Proven program management skills, with a record of effectively managing an audit or compliance program in a decentralized, empowered, and constantly changing environment.

• Persuasive communication skills, with the ability to deliver controversial messages to management. Ability to communicate highly technical issues to both technical and non-technical audiences during audit program development and report delivery.

• Demonstrated knowledge and experience in drafting advisory memorandums of findings, conclusions, and recommendations for management action plans.

• 5+ years experience in cloud computing, engineering/ software development organizations, with a focus on privacy, information security, compliance or certification audits.

Technical Program Management IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until August 11, 2025.

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .