Principal PM - OERM / Microsoft / Redmond, WA
Job Category: IT
Location: Redmond, WA, US
Job ID: 744910-34397
Division: IT
Are you ready to change the way Microsoft manages risk? The Operations Enterprise Risk Management (OERM) Pillar Lead will play a key role within the newly formed Governance, Risk and Compliance (GRC) team in Information Security Risk Management (ISRM), which is part of MSIT. Chartered to establish and sustain a program that aligns and consolidates regulatory compliance, risk management and governance, the ISRM GRC team will become a leader in how the Microsoft enterprise manages and governs risk for the corporation.
The OERM Pillar Lead role will be critical to ensuring that OERM is aligned with the ERM Program to drive enterprise risk management reporting to the Audit Committee, annual risk assessment and executive reviews. An experienced and motivated Risk professional is needed to lead these high visibility deliverables.
Key Responsibilities and Accountabilities
Risk Reporting: Manage the quarterly enterprise level operations risk update for the Board of Directors' Audit Committee by working with the Board level risk owners and focals.
Risk Assessment: Lead the annual OERM risk assessment across the enterprise by working with the OERM Governance Committee Members, Alternates and their teams to validate top operations risks and identify new/emerging operations risk areas through risk consolidation, normalization and common “themes” identification.
Executive Reviews: Coordinate and/or drive the CIO and COO executive risk reviews.
Risk Framework: Sustain and improve the enterprise risk management framework for identifying, mitigating and controlling risks across the corporate landscape to promote consistency among organizations.
Risk Programs: Proactively work, align and/or integrate with critical partners and stakeholders such as:
ERM Risk Assessments done by Strategic, Finance and Legal Pillars
Risk Assessments done by partner groups and enterprise risk owners (e.g., BG’s risk assessment, GFS risk assessment, Information Security assessments, MSIT risk assessment, Business Continuity Management (BCM) risk assessment, etc.)
Risk Management: Sustain a system of practices and principles to:
Drive executive awareness of risk status and mitigation plans.
Sustain and improve risk-based key metrics and trending for Board level risks to evaluate the progress of key risk initiatives.
Risk Partnership: Maintain and enhance positive relations and engagements with key organizations to ensure that stakeholder issues are considered and resolved. Key organizations include:
Operations Enterprise Risk Pillar Management, OERM Governance Committee Members/Alternates and Risk Owners/Focals
Enterprise Risk Management Office
Internal Audit
Treasury Risk Management
Microsoft Information Security Program
MSIT Risk Management Program
Group Privacy Management Committee
Global Executive Business Continuity Management Committee
Qualifications
1. 7+ years of experience working on large, complex projects/programs with a proven track record of delivering results on time, to budget and on spec.
2. Demonstrated ability to own and drive programs and initiatives by working through ambiguity is a must.
3. Strong track record of working collaboratively and effectively with senior leaders and teams across organizational boundaries.
4. Executive maturity in presenting to VP or C-level management.
5. Previous experience in enterprise risk management required.
6. Strong operational experience in online services and business related background preferred.
7. Previous experience with the following risk management disciplines preferred:
a. Operations risk management and control framework
b. Information Security & Privacy
c. Business Continuity Management
d. Product and Services quality and security
MSIT:ISRM
Nearest Major Market: Seattle
Nearest Secondary Market: Bellevue, Finance, Risk Management, Internal Audit, Legal, Law, Compliance, Technology, Information Security

