
Compliance Manager, Supplier Security & Privacy Assurance

Location: United States, Redmond · Salary: 96500.00 - 188400.00 USD / Year · Job Posted January 10, 2026

Job Description

At Microsoft, trust is the foundation of every business relationship. This role offers an opportunity to join a dynamic team that programmatically helps Microsoft suppliers align with our values and meet rigorous standards for Privacy, Security, and Responsible AI. These standards address cybersecurity risk, regulatory obligations and data subject rights – reinforcing our commitment to the principle: “Microsoft runs on Trust”. The Supplier Security and Privacy Assurance (SSPA) program is a corporate control that sets requirements for global suppliers and drives compliance with these standards. As Compliance Manager, you will focus on enabling innovative operations while ensuring high-quality compliance records that provide assurance to the company and support auditors during certifications, audits and regulatory inquiries. You will partner with business groups across the company to understand priorities, balancing business enablement and conveying Privacy, Security and Responsible AI policy positions.

Job Responsibility

  • Develop and execute compliance strategies, processes, and tools to anticipate emerging risks and drive scalability
  • Use understanding of policies, laws, and regulations to meet business needs
  • Partner with cross-functional teams to align compliance programs with business objectives and industry best practices
  • Establish trusted, collaborative relationships to accelerate decision-making
  • Provide requirements and strategic input for tools and systems that enable efficient, market-leading compliance programs
  • Define, test, and enhance controls to mitigate risks, identify failure points early, and implement innovative solutions
  • Translate compliance standards and processes into a relatable form for teams, business groups, and corporate senior leaders
  • Foster a culture of compliance through education, communication, and proactive risk management across the organization
  • Embody Microsoft’s culture and values

Requirements

  • Bachelor's Degree in Science, Business, Engineering, or related field AND 4+ years experience in business, legal/regulatory, compliance, audit/consulting firm OR equivalent experience
  • Certified Information Systems Security Professional (CISSP) certification OR an International Association of Privacy Professionals (IAPP) Privacy Professional certification OR American Institute of Certified Public Accountants (AICPA) qualified auditor is preferred
  • Ability to obtain CISSP or IAPP certification within one year of hire required
  • 1+ years of experience in supplier or third-party management, focusing on compliance, performance, and risk
  • Communication, relationship-building, and problem-solving skills


Similar Jobs for Compliance Manager, Supplier Security & Privacy Assurance

8 matching positions

Privacy By Design Manager

As a Privacy by Design Manager in the Vodafone Secure & Privacy by Design team, ...
Location: United Kingdom, London
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Strong experience in privacy, with proven ability to lead process improvement or transformation initiatives and drive adoption across a matrix organisation
  • Strong understanding of relevant legislation including the GDPR, ePrivacy Directive and related regulatory expectations, with the ability to translate requirements into practical, scalable and proportionate processes
  • Hands-on experience conducting and assuring privacy assessments (e.g., DPIAs, LIAs, TIAs) and maintaining core privacy records (e.g., ROPA), ideally using workflow tooling such as OneTrust
  • Metrics driven mindset: ability to define KPIs, analyse operational data (e.g., volumes, cycle time, risk trends) and produce management ready reporting to drive continuous improvement
  • Tooling and automation awareness (e.g., privacy tooling and workflow platforms), with the ability to identify and implement opportunities to standardise and automate low-risk or repeatable activities (OneTrust and Jira experience is advantageous)
  • Excellent organisation skills, able to handle multiple requests with differing priorities and stakeholders
  • Excellent command of English, and excellent interpersonal, oral and written communication and public speaking skills
  • Comfortable working in a matrix organisation with tolerance for ambiguity. Persistence to drive change over time
  • Courage to ‘stand up and be counted’ even when view is unpopular at a more senior level
  • Ability to analyse complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner with different audiences
Job Responsibility
  • Privacy transformation (process ownership, improvement & simplification): Lead and own simplification and redesign of global privacy processes (e.g., DPIA, LIA, TIA and ROPA) and the supporting templates, playbooks and guidance, applying project/programme management discipline (scope, plan, milestones, and stakeholder governance) to drive delivery and adoption
  • Operating model, decision thresholds & demand management: Lead and own the operating model for privacy engagement, including entry/exit criteria, proportionate decision thresholds and demand triage
  • Support Responsible AI (RAI) processes: Lead and contribute to RAI process workstreams to improve and embed AI risk assessment processes into day-to-day delivery
  • Automation & tooling: Lead delivery of privacy automation and tooling improvements; work with Technology, Cyber Security and tool owners to embed privacy logic into enterprise workflows (e.g. OneTrust)
  • Metrics, insights & reporting: Lead operational metrics, dashboards and reporting to track demand, cycle times, completion, incidents and risk trends for management reporting
  • Audit actions, controls & quality: Partner with internal audit and own closure of audit actions, including root cause analysis and sustained remediation
  • Stakeholder enablement & culture: Lead enablement to embed privacy by design ways of working, including training and awareness
  • Market engagement: Lead engagement with local market privacy contacts to align delivery of global privacy and AI risk assessments
  • Supplier compliance & scalable enablement: Lead scalable supplier enablement, embedding privacy and responsible AI requirements into supplier governance through standards, templates and guidance
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
  • Fulltime

Order Control Analyst

Perform regular collection and assimilation of property specific product and loc...
Location: United States
Salary: 24.00 USD / Hour
Company: Marriott Bonvoy
Expiration Date: Until further notice
Requirements
  • High school diploma or G.E.D. equivalent
  • At least 2 years of related work experience
  • No supervisory experience
  • None
Job Responsibility
  • Perform regular collection and assimilation of property specific product and local vendor data for standard periodic reporting, discerning data validity and providing analytic insight where appropriate
  • Accurately report production and timely delivery of finished product to manager/supervisor
  • Work with procurement sourcing systems analyst to analyze and drive property level compliance
  • Perform vendor bid management
  • Analyze price variance, correcting and approving quotes utilizing various tools provided
  • Develop trend analysis of invoice price variances by item for locally utilized suppliers to include an action plan to counter them
  • Review and identify trends and documentation and assist in property cost control and property accounts payable
  • Act as property liaison for new vendor set-up process
  • Work with corporate procurement coordinators to initiate the vendor approval process
  • Provide ad hoc analysis and project support as is necessary to include local business sourcing, local procurement valuation analysis, seasonal trend analysis for the property, monitoring of various purchasing metrics, utilization of the database queries and reports to assist property management in identifying various cost containment opportunities via spend analysis, and local contract management
  • Fulltime

Warehouse Development Project Manager

The Project Manager of Warehouse Development will work with internal logistic, I...
Location: United States, Dublin
Salary: 155250.00 - 176000.00 USD / Year
Company: Aldi
Expiration Date: Until further notice
Requirements
  • Bachelor's degree required
  • Bachelor's degree in Construction Management, Architecture, Civil Engineering, Business or Project Management preferred
  • Minimum of 5 years of progressive experience in Construction Management, Architecture, Civil Engineering, Business or Project Management and/or retail operations required or a minimum of 3 years of relevant ALDI experience required
  • Valid driver's license with a satisfactory driving record required
  • Or, a combination of education and experience providing equivalent knowledge
Job Responsibility
  • Ensures the training, development, and performance of their team's staff to retain a motivated, professional workforce that achieves their career objectives
  • Recruits and recommends qualified employees for their team's staff positions
  • Establishes, communicates and evaluates job responsibilities and performance expectations to their team to ensure a mutual understanding of desired results
  • Understands the overarching company strategy, while communicating and modeling the core values of the organization to create a sense of teamwork and membership among employees
  • Provides oversight and direction during the construction process from groundbreaking through issue of final occupancy permit
  • Ensures work is completed in accordance with construction plans and specifications, to the highest quality standards and within budget as established by their direct leader via regular site visits and supervision of the general contractor
  • Identifies and communicates new ideas and cost saving opportunities to construct or remodel facilities at lower costs
  • Works with government officials, utility companies, and suppliers to assure project deadlines are met
  • Assists in reviewing engineering, building, and site design with selected Architect and Engineering firms
  • Assists with various meetings in presenting ALDI concept and plans
What we offer
  • 401(k) Plan
  • Company 401(k) Matching Contributions
  • Employee Assistance Program (EAP)
  • PerkSpot National Discount Program
  • Medical, Prescription, Dental & Vision Insurance
  • Generous Vacation Time & 7 Paid Holidays
  • Up to 6 Weeks Paid Parental Leave at 100% of pay
  • Up to 2 Weeks Paid Caregiver Leave at 100% of pay
  • Short and Long-Term Disability Insurance
  • Life, Dependent Life and AD&D Insurance
  • Fulltime

Information Security Analyst

We are looking for an Information Security Analyst to join our Risk, Legal and C...
Location: Australia, Sydney
Salary: Not provided
Company: LGT Gruppe Holding AG
Expiration Date: Until further notice
Requirements
  • 5+ years in security operations or related IT functions, such as networking or IT systems engineering
  • Strong understanding of security concepts such as server hardening & patching, M365 & Azure configuration, Endpoint Protection solutions, Vulnerability Management, Firewall configuration, user access management, data loss prevention
  • Strong understanding of security architecture concepts across on-premises, cloud, and SaaS environments
  • Experience assessing solution designs and identifying security risks at an architectural level
  • Ability to translate complex technical and policy-driven security requirements into business-friendly language
  • Strong pragmatic, risk-based mindset with the ability to balance security, usability, cost, and delivery timelines
  • Experience engaging in business projects, conducting threat modelling, risk assessments and controls design, as well as validating the design and implementation of key controls
  • Experience driving security initiatives to align technical services with security policies
  • Strong problem-solving abilities, with a logical and methodical approach to tasks
  • Excellent communication skills, able to translate technical concepts for non-technical stakeholders
Job Responsibility
  • Responsible for maintaining a strong security environment, reducing cyber risk exposure, and supporting security operations, monitoring, and reporting
  • Contributes to LGT WM's information security strategy and risk framework while embedding security requirements into key business projects from the outset
  • Participates in initiatives to ensure compliance with privacy laws and external regulatory obligations, including GS 007
  • Support the cyber security assurance program, assisting audit activities and owning the remediation of findings
  • Support an effective cyber security assurance strategy over third parties / suppliers, enabling the business to engage with strategic partners without taking excessive risk
  • Conduct third party reviews when required
  • Actively participate in cyber security strategy formulation, prioritizing the protection of mission critical digital assets and maximizing the value of security investments
  • Participate in project delivery teams to provide security input throughout the solution lifecycle, from early design through to implementation and go-live
  • Participate in operational change management and ensure security related changes are adequately tested prior and post implementation, to reduce business impacts
  • Fulltime

Security Architect

The Security Architect will contribute to the design, implementation and ongoing...
Location: United Kingdom, London
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Awareness and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines
  • Good knowledge of networking (switching, routing, firewalls)
  • Awareness or limited experience with the design concepts associated with adoption of Cloud platforms (AWS and/or Microsoft Azure)
  • An understanding of the native security capabilities and some practice within Cloud platforms (AWS and/or Microsoft Azure)
  • Understanding of modern security concepts, common attack vectors, malware, security analytics and threat intelligence
  • An understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE)
  • Some experience working with security standards such as ISO 27001, 27002, 27017, 27108 etc
Job Responsibility
  • Identify business objectives, user needs, risk appetite and cyber security obligations
  • Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls
  • Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry recognised frameworks and best practice
  • Contribute to deliver and continually enhance a coherent approach to the design of secure client end-to-end solutions
  • Contribute to secure conceptual, logical and high level designs by identifying appropriate security controls to be embedded in solutions that meet business requirements whilst evidencing alignment to the target risk appetite
  • Contribute to the design and be able to articulate and justify design recommendations at security architecture assurance gates
  • Contribute to design documentation, options papers, risk assessments, stakeholder presentations and be able to effectively communicate these to both senior technical and non-technical stakeholders
  • Contribute to reference architecture of established patterns, principles and guidelines
  • Contribute to the development of the Security Practice skills and capabilities to ensure consistent high quality of service delivery and expertise
  • Active coaching and mentoring of junior members of the team
What we offer
  • A range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • The opportunity to have flexible work options

Principal Architect

Here at Whitbread, we are seeking an experienced Principal Architect to join our...
Location: United Kingdom, Dunstable
Salary: Not provided
Company: BEEFEATER
Expiration Date: Until further notice
Requirements
  • Significant proven experience owning end-to-end solution and domain architecture in complex, multi-team environments
  • Strong working knowledge of enterprise architecture operating models and governance (principles, standards, patterns, review/approval), with ability to lead design authority discussions
  • Strong understanding of integration, security, privacy, and data expectations, with ability to shape and assure non-functional requirements and manage architecture risks
  • Experience collaborating with senior stakeholders across different domains within a business, tailoring communication style depending on the audience
  • Demonstrable experience engaging vendors and partners in a multi-supplier ecosystem.
Job Responsibility
  • Define and evolve our Hotels & Restaurants teams domain architecture, ensuring end-to-end alignment across products, platforms, and suppliers
  • Own the architecture artefact set for the team, set and enforce domain design principles and guardrails, govern design trade-offs, and escalate cross-portfolio conflicts and exceptions through the agreed architecture governance model
  • Lead architecture governance forums, ensuring decisions, approvals, exceptions, and actions are documented, communicated, and progressed
  • Ensure solutions comply with Enterprise Architecture and Technology standards and relevant security, integration, and data policies
  • Proactively identify non-compliance and drive remediation or formal exception management.
What we offer
  • Family BUPA healthcare
  • 10% matched pension
  • Up to 60% discount on Premier Inn stays
  • 25% discount on our Restaurant brand
  • Annual Incentive of up to 30% Bonus
  • Fulltime

SbD Security Architect - IT & Digital

As a Security Architect within Secure by Design, you will be accountable for emb...
Location: United Kingdom, Newbury
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Experience in cyber security roles, with strong architecture focus
  • Proven experience delivering complex, cross domain IT & Digital security architectures
  • Strong understanding of security risks, threat modelling, and mitigating controls
  • Hands on experience securing public cloud platforms (AWS, Azure, GCP)
  • Deep knowledge of containerised, virtualised and hybrid infrastructure
  • Strong knowledge of security and compliance frameworks (ISO 27001, NIST, COBIT, SOC2, ITIL)
  • Understanding of regulatory and data protection requirements (PII, PCI DSS, privacy legislation)
  • Ability to influence senior technical and non-technical stakeholders
  • Excellent documentation, communication, and decision-making skills
  • SABSA and/or TOGAF architecture qualifications
Job Responsibility
  • Embedding security into IT and Digital systems by design
  • Providing end to end security architecture leadership across VodafoneThree’s IT & Digital estate
  • Defining, documenting, and assuring end to end security architectures
  • Working closely with UK IT & Digital, Networks and Data & Analytics teams
  • Influencing senior technical stakeholders to ensure UK security requirements are understood, accepted, and embedded
  • Acting as a member of the Secure by Design Security Architecture team
  • Owning and delivering end to end security architecture for assigned initiatives
  • Defining and embedding technical and non-technical security controls into solution designs
  • Reviewing and assessing solution architectures against VodafoneThree security policies
  • Approving compliant designs and escalating deviations
What we offer
  • Excellent basic salary plus bonus and Vodafone benefits
  • Up to 28 days off plus bank holidays
  • Paid time for charity work
  • Discounts and vouchers
  • Pension plan
  • Learning tools
  • Parental leave policies
  • Fulltime

Product Architect (SDN & Security) - VOIS

We are seeking an experienced Product Architect to join VOIS within the Technolo...
Location: India, Bangalore
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • A collaborative team contributor with a positive mindset and the ability to address complex challenges constructively
  • An effective communicator with strong presentation skills, comfortable engaging both technical and non-technical stakeholders
  • An expert in Fortinet SD-WAN, SD-LAN, SASE technologies, and traditional routing concepts
  • Experienced in working with internal stakeholders, external partners, and geographically dispersed virtual teams
  • Able to manage multiple and changing priorities while maintaining focus on delivery outcomes
  • Proven in designing and supporting technically and operationally complex solutions within strict timelines
  • Experienced in product lifecycle management activities
  • Educated to degree level in Networking, Computer Science, or a related discipline
  • Ideally familiar with mobile and fixed networks, Agile ways of working, cloud and cloud-native technologies (AWS, GCP, containers, Kubernetes), DevOps, APIs, and next-generation orchestration and assurance platforms
Job Responsibility
  • Engage with Commercial, Product Management, and Technology Product Owners to shape high-quality requirements and maintain a healthy product backlog
  • Translate business, functional, and non-functional requirements into complete end-to-end technical solutions, including cost and effort estimation
  • Own the high-level solution design, ensuring alignment with product requirements and architectural standards
  • Act as end-to-end technical design authority, covering service models, IT architecture, low-level design, security-by-design, privacy, and legal and regulatory compliance
  • Lead technical aspects of vendor management, setting priorities and driving continuous product improvement
  • Contribute to defining and improving the in-life operating model and manage product lifecycle activities, including end-of-life planning
  • Deliver technical product collateral such as Technical Service Descriptions, technical options papers, and product HLDs, and provide guidance to Solutions Consultants
  • Review supplier technical documentation and support delivery teams to ensure alignment with the agreed product solution
  • Perform impact assessments on requirements, quantifying delivery timelines and costs
  • Support RFx creation and evaluation processes
What we offer
  • Exposure to global, large-scale SDN and Security product deployments
  • Opportunities to work with diverse stakeholders across markets, vendors, and technology domains
  • A role that combines strategic influence with hands-on architectural ownership
  • Continuous learning through engagement with emerging technologies and industry-leading solutions
  • Fulltime