We’re looking for a technically curious problem‑solver who enjoys diving deep into systems, learning continuously, and simplifying complex concepts. This role is well‑suited for someone who values coaching and mentorship and can translate technical detail into clear, auditable insight.

The Senior Technical Program Manager (TPM) partners with Internal Audit and engineering teams to support audits with hands‑on technical expertise, strengthen audit planning and coverage, and scale technical capability across the organization. By embedding technical context, tools, and guidance into audit execution, TPMs enable auditors to assess technology‑driven risks with increasing independence over time. This is not a traditional audit role. It blends engineering depth with technical enablement, influence, and close cross‑functional collaboration.

Key areas of impact are project engagement and team upskilling. Project engagement responsibilities are to support the fieldwork team as a technical subject matter expert during the execution of an audit - your success is in empowering the team with relevant collateral, insights and actionable data during the planning and/or execution of an audit. Team upskilling ensures the organization understands how emerging and existing technologies impact risk, and equips auditors with the technical context, tooling, and insight needed to assess those risks. Actively uplifting technical capability across the Internal Audit team (through coaching, developing collateral, and embedding technical understanding into audit planning and execution) will overtime allow auditors to independently engage with key engineering and technical concepts, reducing reliance on point‑in‑time TPM support.

In summary: This is not a traditional audit position. The TPM is expected to actively facilitate technical understanding across the Internal Audit organization, partner deeply with engineering teams, and translate complex systems into actionable audit insight. It is a great blend of engineering expertise and hands‑on technical enablement and influence.

• Understand Microsoft’s Engineering and Research divisions, build relationships across them to be seen as and act as a trusted partner, with the expertise to prioritize and lead both internal and external partners to outcomes that grow shareholder value and safeguard assets.
• Assist in identifying gaps in audit coverage through an understanding of corporate strategy and/or technology direction, criticality and industry-specific requirements or regulations.
• Demonstrate a passion for the acquisition of technical knowledge, with a focus on research areas of potential exploration while guiding adherence to security, privacy and ethical policies, standards, and regulatory requirements throughout the Audit lifecycle (especially in the development of the audit plans, SOW and during audits).
• Design functional, right-sized collateral or tooling that enables the team to execute with increased efficiency.
• Lead efforts to validate engineering controls or service architecture while focusing the team on identifying critical areas, that may have impact to Microsoft risk posture.
• Understand and translate engineering metrics, cycles, environments, tools, processes to identify and prioritize key risk areas and associated controls.
• Is a team influencer in that you revel in bringing alignment and structure to individual functions while focusing them on committed goals.
• Build business acumen, foster inclusive culture, and risk mindset for the lead and audit team. For example, providing actionable insight and coaching through feedback.
• Embody Microsoft Values and “One Microsoft,” while embracing a growth mindset and driving impact. Champion an inclusive and collaborative workplace where everyone can be their best.
• Raise the technical knowledge of self and the audit group on assigned risk areas through training and continuous professional development.
• Influence management as a trusted advisor to clarify risks to their business and where there may be potential blind spots. For example, providing clarification on risks to the business identified during the audit.
• Ensure clear and concise audit reporting of risks tested during the audit. Analyze and advise management on whether their planned actions will mitigate identified risks and provide perspective on risk trends. For example, reviewing audit reports and management responses. Reviewing team's audit findings and report to provide comments on quality against audit objectives when needed.

Required Qualifications:

• Bachelor's Degree in Engineering, Computer Science, Information Security, or a similar technical field AND 4+ years experience in engineering, product/technical program management, data analysis, or product development OR equivalent experience.
• 2+ years of experience managing cross-functional and/or cross-team projects.

Preferred Qualifications:

• Bachelor's Degree AND 8+ years experience engineering, product/technical program management, data analysis, or product development OR equivalent experience.
• 10+ years or more of demonstrated work experience in Engineering, Audit or a combination of applicable industry experiences.
• 5+ years’ experience applying technical knowledge to assess, validate, or explain controls, architecture, or system design in complex environments.
• Familiarity with DevOps, and SDLC methodologies, as well as PM methodologies (Agile and Waterfall) and able to apply them pragmatically and as best suited.
• Ability to simplify the complex and contextualize audit findings.
• Team player – value working as a team, and success as a team.
• Curiosity to understand how things work and ability to dig into the details when needed. A self-driven constant researcher/ validator of facts and figures.
• Good interpersonal skills and ability to deal with challenging stakeholders/ interpersonal situations.
• Excellent written and verbal communication skills and exceptional emotional intelligence.
• Ability to influence and motivate people across a broad variety of job functions through your relationships.
• Strong organizational skills to manage multiple, competing priorities simultaneously, without losing sight of the highest priority items.
• Working knowledge of cybersecurity, privacy, online safety, ethical AI or service availability.
• Professional certification such as CISSP, CIA, CISA, etc.

Technical Program Management IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.