Sr Director, Security Strategy & Risk
 Microsoft | |
 United States, California, Los Angeles | |
 Mar 06, 2025 | |
|
OverviewDo you enjoy working on unique security solutions for a variety of areas related to Gaming? If so, the Gaming Security team would like to talk to you. We are the Gaming Security team. Our team supports the services, platform, and studios that make up the Gaming business. In addition, we work with other Security teams within the company to ensure that we have the right tools and services to protect these key businesses. We are looking for a Senior Director to help with leading strategic security initiatives and risk management by partnering and engaging with leaders and engineering teams across the organization. The successful candidate will have passion for security, risk management, collaboration skills, technical depth, coupled with the ability to bring others together in building cross-organization solutions. Effective communication skills and the ability to thrive in an ambiguous and dynamic environment are necessary. Candidates should represent the growth mindset and display Microsoft cultural values in day-to-day activities. Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
ResponsibilitiesDrive continuous innovation in strategic security offerings including design, deployment, and management of AI security solutions. Lead functions related to cybersecurity risk management and compliance, shaping strategic vision for Microsoft Gaming risk program and continually improving the program in response to changing threats and industry trends. Operationalize GRC capability areas including policy and exception management, maturity assessment, external audits and enterprise security risk management Develop and oversee the governance structure for integrating cyber risk into the enterprise risk management framework. Ensure cyber risks are aligned with overall business risks and priorities and that appropriate risk mitigation strategies are in place with a governance framework that supports risk-based decision-making and prioritization. Establish key metrics and reporting mechanisms to regularly update leadership on the organization's cyber risk posture and mitigation effectiveness. Provide clear, actionable reporting that connects cyber risks to business outcomes and organizational objectives. Develop and deliver the GRC strategic roadmap and investment plan addressing People, Process, and Technology Build partnerships with Senior IT Management, Internal Audit, Ethics and Compliance, Enterprise Risk, relevant business units, and third-party vendors to ensure compliance awareness and responsibilities. Lead the creation of Information Security Policies, technical standards and procedures for secure technology configuration and implementation. Lead and grow a global team of cybersecurity professionals, managing risk, compliance, assessments, reporting, metrics, and policies Oversee validation of risk assessments, control designs, gap identification, test scripts, evidence, and compensating controls. Lead the execution of the information security strategy, ensuring alignment with overall business objectives, and will define and communicate security policies, procedures, and standards across the organization | |