New 
Senior Security Policy Program Manager - CTJ - TS/SCI
 Microsoft | |
 United States, Washington, Redmond | |
 Oct 23, 2025 | |
|
OverviewCloud Operations + Innovation (CO+I) is the engine that powers Microsoft's cloud platforms and services that millions of people use every day. With more than 95% of Fortune 500 business on Azure, 180 million using Office 365, and millions using other services - all running on Microsoft's cloud infrastructure - CO+I builds and operates the foundation upon which Microsoft's mission to empower every person and organization comes to life. The CO+I AGC Physical Security team is organized within CO+I and falls under its Cloud Infrastructure Solutions and Services (CISS) team. The CO+I Physical Security team is dedicated to delivering the most trustworthy and efficient physical security services to protect the personnel, infrastructure, data and confidential information foundational to the Microsoft Cloud. Our vision is to be the most reliable, rigorous and trusted industry provider of hyperscale cloud physical security. This position falls under the AGC Compliance and Security group within the CO+I Datacenter Physical Security organization. The AGC Compliance and Security team combines Microsoft's extensive datacenter security experience with the rigorous standards of our U.S. Government partners to create the most secure cloud computing environments anywhere, enabling the mission-critical capabilities needed to keep our nation at the forefront of technology. Microsoft runs on trust and a robust physical security program is essential to meeting our customer commitments to secure their data. We are seeking a Senior Security Policy Program Manager to support Microsoft's secure infrastructure initiatives across both global commercial cloud environments and air gapped cloud platforms. This role is ideal for a subject matter expert with deep experience in physical and technical security policy, national security systems, and supply chain risk management. In this role, you will help shape and implement compliance strategies that span Microsoft's full spectrum of cloud offerings.
ResponsibilitiesAs a Senior Security Policy Program Manager, you will lead formal and ad-hoc teams of Microsoft and Supplier partners to deliver and continuously improve security operations at Microsoft datacenters with enhanced compliance requirements, including datacenters hosting classified information. Responsibilities include, but are not limited to the following:Serve as a principal advisor on physical and technical security policy across Microsoft's global commercial cloud and air gapped cloud portfolios, ensuring alignment with Intelligence Community (IC), Department of Defense (DoD), and international standards. Lead engagements with interagency working groups, including the ODNI Data Center Working Group (DCWG), contributing to policy development and industry feedback loops. Translate evolving IC guidance (e.g., ICS 705-05, TEMPEST Policy 7000) and global regulatory frameworks into actionable compliance strategies for secure cloud deployments. Conduct SCIF assessments and advise on construction security protocols for classified and sensitive environments across both commercial and sovereign cloud footprints. Collaborate with internal stakeholders to support personnel security initiatives, including Trusted Workforce 2.0, Security Executive Agent Directives, and global clearance processes. Act as a liaison between Microsoft and federal/international agencies, facilitating secure meeting participation and clearance coordination. Provide strategic input on supply chain risk mitigation and technology vetting, particularly in relation to PRC and Russian-origin components, with applicability across all cloud environments. Support cross-functional efforts to secure PCNs and expand Microsoft's footprint in classified, sovereign, and sensitive commercial environments.Maintain confidentiality, discretion and protect Microsoft information without question | |