Microsoft’s Corporate, External and Legal Affairs (CELA) organization is seeking an experienced attorney to join the Microsoft Security legal team as the Assistant General Counsel, Cybersecurity supporting Microsoft’s Chief Information Security Officer (CISO) and the Digital Security + Resilience (DSR), Microsoft Security Response Center (MSRC) and Risk & Resilience (R&R) teams.

This role will serve as a trusted advisor for, and provide legal support to, the CISO as the CISO identifies cyber risks to Microsoft’s business assets across the digital estate, mitigates that risk in collaboration with leadership and leads the company’s security operations and governance teams. With the recently announced Secure Future Initiative (https://blogs.microsoft.com/on-the-issues/2023/11/02/secure-future-initiative-sfi-cybersecurity-cyberattacks/) (SFI), we welcome a great teammate to join us to help realize this journey for the company!

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

Legal Counsel

• Legal Support of Microsoft’s CISO: Act as legal counsel for Microsoft’s CISO, serving as a key business partner and valued legal advisor tosenior leadership by providing actionable advice on a wide range of cybersecurity, privacy, compliance, and risk issues, including those uniquely pertaining to the role of the CISO.

• Legal Support of Microsoft core security operations teams : Provide legal support to certain ofMicrosoft’s core security operations teams, which run internal operations such as risk and resiliency, security operations center, supply chain security, vulnerability management, insider threat program, the security fundamentals team powering security baselines for Microsoft’s products and services, and internal roll-out of security products and initiatives, in collaboration with other cybersecurity lawyers and personnel.

• Legal Support of External-Facing Programmatic Security Activities by Microsoft : Provide legal support to Microsoft’s external-facing security programs, including Microsoft’s bug bounty program, MAPP, and vulnerability management security information sharing initiatives.

• Legal Management of Security Incidents: Lead and manage a virtual team providing legal support for non-nation state security incidents, including collaborating with engineering legal teams, providinglegal review of external communications, andadvising on incident disclosure obligations; stay abreast of nation-state security incidentsdevelopments and provide support, as needed.

• Training & Education: Provide ongoing training to Microsoft employees on cybersecurity legal obligations and best practices.

Operational Excellence

• Provide input and continuous feedback to improve process efficiencies within role.

• Identifyopportunities and tools to increase operational efficiency and effectiveness.

Communication

• Collaborate effectively acrossCELA and with business clients.

• Organize issues and ideas in written and oral communication.

Embody our Culture (https://www.microsoft.com/en-us/about/corporate-values) and Values (https://careers.microsoft.com/us/en/culture)

Qualifications

Required/Minimum Qualifications

• Juris Doctorate or equivalent international degree

• OR Completion of a Legal Apprenticeship.

• Active license to practice law in a U.S. jurisdiction and capable of meeting admission requirements in relevant jurisdiction.

• 10+ years’ experience as a practicing attorney in corporate law, privacy, and/or cybersecurity regulatory compliance.

• OR equivalent practice of law.

Other Qualifications

This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local US government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified via a valid passport.

Preferred Qualifications

• Ability to obtain and maintain a United States Security Clearance.

• Significant experiencein supporting the chief information security officer or other senior executive of a publicly traded company.

• Fluency and facility with cyber risks, remediation, or U.S. and/or foreign cybersecurity standards, frameworks, risk assessments or certification processes, ideally including a practical understanding of same.

• Deep curiosity about Microsoft’s products, services, and operations, with a drive to get precise and complete information to make informed decisions.

• Sound and practical business judgment, ability to think strategically, and experience in establishinga “trusted advisor” relationship with key clients.

• Highly motivated, independent, self-starter able to multitask and constantly prioritize in an ever-changing legal and regulatory environment.

• Ability to solve problemscreatively with a focus on achieving results that both benefit our business and maintain the trust of our customers and partners.

• If based in Redmond, WA, will need to be willing to travel to Silicon Valley, CAon a regular basis to meet with clients located there.

Legal Counsel IC6 - The typical base pay range for this role across the U.S. is USD $154,500 - $273,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $199,600 - $299,400 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until June 5, 2024.

#CELA

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .