Audit Program Manager

Last updated 20 days ago
Location: Reston, Virginia
Job Type: Full Time

Do you enjoy working with dynamic people to solve complex business problems? If you love a challenge, have a passion for results, audit skills, exemplary program management, and cross-group collaboration, we want you. This position is responsible for developing and managing a risk-based, outcome-focused audit program to ensure Microsoft’s compliance with the Federal Acquisition Regulation (FAR), Defense Federal Acquisition Regulation Supplement (DFARS), other agency supplements, Cost Accounting Standards (CAS) and Microsoft Policies. Other areas of focus may include operational security, cybersecurity, privacy, and human resource matters.


  • Risk assessment and audit coverage plan proposals covering end-to-end government business, contract compliance, technical service delivery, go-to-market, etc.
  • Oversight of audit execution for quality and adherence to professional standards.
  • Provide subject matter expertise regarding clearance requirements, technical enterprise promises, federal government business, and security of air-gapped cloud services from design to operations.
  • Build collaborative business partnerships in a matrixed organization to effectively communicate audit results across key stakeholders.
  • Support Risk & Compliance processes as needed.
  • Transfer risk and business knowledge to project teams to enable successful audit project execution. Participate in project execution as appropriate.
  • Effect change by assisting business management to develop appropriate action plans to address identified deficiencies, and ensure corrective actions are implemented in a timely manner to address the risk.
  • Communicate federal government business risk trends and control issues to senior management.
  • Keep current and increase knowledge of company strategies, priorities, and business objectives.
  • Manage a high-performance audit team, providing appropriate guidance and development opportunities.
  • Support the audit team by sharing insights on risks in highly technical areas of current/emerging technologies including cloud, security, distributed computing, IoT, Zero Trust Networks, High Value Asset Protection.



  • 10+ years of demonstrated work experience in Audit or Information Technology audit/assurance/security operations or a closely related field.
  • Proven program management skills, with a record of accomplishment effectively managing an audit or compliance program in a decentralized, empowered, and constantly changing environment.
  • Persuasive communication skills, with the ability to deliver controversial messages to senior management.
  • Ability to travel domestically for 2-3 week periods up to 30% of the year.

Specific Functional/Technical Skills:

  • Ability to communicate highly technical issues to both technical and non-technical audiences and demonstrated innovation in IT audit program development and delivery.
  • Knowledge of external leading risk and controls frameworks such as NIST, COBIT (Control Objectives for Information and related Technology), ISO27000, and IT related internal controls.
  • Specialized audit skills or industry experience such as fraud, privacy, manufacturing, online services, software or federal government audit exposure.

The following are preferred:

  • Technical/professional certification such as CISSP, GIAC, MCSE, CCNA, CPA, CIA, or CISA.

Security Clearance Requirements:

The successful candidate must have an active U.S. Government Top Secret Security Clearance. Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. Failure to maintain or obtain the appropriate clearance and/or customer screening requirements may result in employment action up to and including termination.

Clearance Verification: This position requires successful verification of the stated security clearance to meet federal government customer requirements. You will be asked to provide clearance verification information prior to an offer of employment.

This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.