Senior Security Policy Program Manager CTJ TS/SCI

Job description

Cloud Operations + Innovation (CO+I) is the engine that powers Microsoft’s cloud platforms and services that millions of people use every day.

With more than 95% of Fortune 500 business on Azure, 180 million using Office 365, and millions using other services – all running on Microsoft's cloud infrastructure – CO+I builds and operates the foundation upon which Microsoft’s mission to empower every person and organization comes to life.

The CO+I AGC Physical Security team is organized within CO+I and falls under its Cloud Infrastructure Solutions and Services (CISS) team.

The CO+I Physical Security team is dedicated to delivering the most trustworthy and efficient physical security services to protect the personnel, infrastructure, data and confidential information foundational to the Microsoft Cloud.

Our vision is to be the most reliable, rigorous and trusted industry provider of hyperscale cloud physical security.

This position falls under the AGC Compliance and Security group within the CO+I Datacenter Physical Security organization.

The AGC Compliance and Security team combines Microsoft’s extensive datacenter security experience with the rigorous standards of our U.S. Government partners to create the most secure cloud computing environments anywhere, enabling the mission-critical capabilities needed to keep our nation at the forefront of technology.

Microsoft runs on trust and a robust physical security program is essential to meeting our customer commitments to secure their data.

We are seeking a **Senior Security Policy Program Manager** to support Microsoft’s secure infrastructure initiatives across both global commercial cloud environments and air gapped cloud platforms.

This role is ideal for a subject matter expert with deep experience in physical and technical security policy, national security systems, and supply chain risk management.

In this role, you will help shape and implement compliance strategies that span Microsoft’s full spectrum of cloud offerings.

**Responsibilities**

As a Senior Security Policy Program Manager, you will lead formal and ad-hoc teams of Microsoft and Supplier partners to deliver and continuously improve security operations at Microsoft datacenters with enhanced compliance requirements, including datacenters hosting classified information.

Responsibilities include, but are not limited to the following:

+ Serve as a principal advisor on physical and technical security policy across Microsoft’s global commercial cloud and air gapped cloud portfolios, ensuring alignment with Intelligence Community (IC), Department of Defense (DoD), and international standards.
+ Lead engagements with interagency working groups, including the ODNI Data Center Working Group (DCWG), contributing to policy development and industry feedback loops.
+ Translate evolving IC guidance (e.g., ICS 705-05, TEMPEST Policy 7000) and global regulatory frameworks into actionable compliance strategies for secure cloud deployments.
+ Conduct SCIF assessments and advise on construction security protocols for classified and sensitive environments across both commercial and sovereign cloud footprints.
+ Collaborate with internal stakeholders to support personnel security initiatives, including Trusted Workforce 2.0, Security Executive Agent Directives, and global clearance processes.
+ Act as a liaison between Microsoft and federal/international agencies, facilitating secure meeting participation and clearance coordination.
+ Provide strategic input on supply chain risk mitigation and technology vetting, particularly in relation to PRC and Russian-origin components, with applicability across all cloud environments.
+ Support cross-functional efforts to secure PCNs and expand Microsoft’s footprint in classified, sovereign, and sensitive commercial environments.
+ Maintain confidentiality, discretion and protect Microsoft information without question

**Qualifications**

**Required Qualifications:**

+ 4+ years experience in security program or program management or related field
+ OR equivalent experience.

**Other Requirements:**

**Security Clearance Requirements:** Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role.

These requirements include, but are not limited to the following specialized security screenings:

+ The successful candidate must have an active **U.S. Government Top Secret/SCI Security Clearance** .

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.

Failure to maintain or obtain the appropriate clearance and/or customer screening requirements may result in employment action up to and including termination.
+ **Clearance Verification** : This position requires successful verification of the stated security clearance to meet federal government customer requirements.

You will be asked to provide clearance verification information prior to an offer of employment.
+ **Microsoft Cloud Background Check:** This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

**Citizenship & Citizenship Verification:**  This position requires verification of U.S. citizenship due to citizenship-based legal restrictions.

Specifically, this position supports United States federal, state, and/or local United States government agency customer and is subject to certain citizenship-based restrictions where required or permitted by applicable law.

To meet this legal requirement, citizenship will be verified via a valid passport, or other approved documents, or verified US government Clearance

**Criminal Justice Information Services:** This position requires passing a background check conducted through the CJIS criminal justice information system by authorized local, state, and/or federal agencies.

**Preferred Qualifications:**

+ Bachelor’s degree in business risks, or related field AND 8+ years’ experience in Security Program or Program Management OR equivalent experience.
+ Proven track record as a Physical and Technical Security Policy Officer, preferably within the IC, DoD, or equivalent international bodies.
+ Extensive experience with national security systems policy, SCIF construction, and classified data center operations.
+ Strong understanding of personnel security frameworks and interagency directives.
+ Demonstrated ability to navigate complex government-industry interfaces and influence policy outcomes.
+ Exceptional written and verbal communication skills, with the ability to synthesize technical guidance into strategic recommendations.
+ Working knowledge of ICD705, NISPOM and other standards for the protection of U.S. Government information
+ Confident and skilled in preparing and delivering presentations and briefings to customers, senior leaders and executives
+ Strong work and compliance ethic with the ability to effectively prioritize and execute tasks in a dynamic and high-pressure environment
+ Analytical and process improvement skills to produce data driven insights and associated process change
+ Ability to change plans, goals, actions and priorities in response to an evolving business environment with awareness to operate as a champion for course corrections when necessary
+ Proficient in the use of Microsoft Office products for business

#COICareers | #EPCCareers | #DCDCareers

**Security IC4** - The typical base pay range for this role across the U.S. is USD $96,500 - $188,400 per year.

There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $123,500 - $206,400 per year.

Certain roles may be eligible for benefits and other compensation.

Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until **October 28, 2025.**

Microsoft is an equal opportunity employer.

Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances.

If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .

Required Skill Profession

Other General