Country Security Manager (Australia)

Last updated 1 hours ago
Location:Remote - AU/NZ only
Job Type:Full Time

Overview:

Cloud Operations + Innovation (CO+I) is the engine that powers Microsoft’s cloud platforms and services that millions of people use every day. With more than 95% of Fortune 500 business on Azure, 180 million using Office 365, and millions using other services – all running on Microsoft's cloud infrastructure – CO+I builds and operates the foundation upon which Microsoft’s mission to empower every person and organization comes to life.

The Physical Security team is organized within CO+I and is dedicated to delivering the most trustworthy and efficient physical security services to protect the personnel, infrastructure, data, and confidential information foundational to the Microsoft Cloud. Our vision is to be the most reliable, meticulous, and trusted industry provider of hyperscale cloud physical security. We are accountable, effective, and efficient stewards of the awesome responsibility we hold. We innovate to meet challenges. We automate and simplify to scale efficiently. We constantly create and maintain a collaborative ecosystem. We appreciate and act on opportunities to improve.

We are looking for a Country Security Manager with TSPV level clearance to lead a team in Australia, you will perform a key role in delivering physical security for our worldwide critical infrastructure including datacenters, leased collocations, and other types of facilities. Among other responsibilities this includes managing security guarding / guarding supplier service delivery and performance, security incident response, 24/7 Security Operations Center, maintaining audit readiness, systems, process and procedure implementation, and site selection/assessment.

The Country Security Manager must be an experienced team player, possess strong communication and collaboration skills, have the ability to determine and prioritize work streams, and possess the skills to effectively manage and develop people along with a demanding workload in the execution of multiple concurrent projects across geographic and organizational boundaries.

#COICareers

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities

Responsibilities:

  • Is the “cognizant security authority” for CO+I Australia datacenters that will ensure compliance with among others: Principle Security Policy Framework (PSPF), Defence Security Principles Framework (DSPF), Defence Industry Security Program (DISP), Australian Government Security Vetting Agency (AGSVA), and Security Construction and Equipment Committee (SCEC) requirements and represent those to the customers/auditors.
  • Internal subject matter expert (SME) to CO+I on Australian Government requirements and how to implement them, interfacing with SCEC consultants, etc.
  • Collaborate with the managers and supplier leads of cleared personnel sponsored by Microsoft to monitor personnel for ongoing suitability and compliance.
  • Responsible for compliance with all Australian Government requirements for being an employer of personnel holding Australian Government security clearances, including the immediate reporting of long-term leave, behavioural triggers, etc. that warrant notification to the Australian Government.
  • Ensure and enforce sustainable processes to ensure only authorized personnel receive physical access to restricted environments.
  • Develop, manage, and maintain physical security registers, plans, processes, and standard operating procedures that comply with relevant Australian Government (and/or other unique environment) security standards and requirements during the construction of facilities/datacenters and after they have become operational.
  • Develop and implement program specific security education and awareness for all CO+I Australia personnel to ensure compliance, confidentiality, and Operational Security (OpSec) in line with Australian Government requirements and best practices.
  • Document and improve processes to make the program’s ecosystem more efficient, simplified, and productive.
  • Conduct field site visits across Australia to assess the state and health of physical security, document issues needing improvement, and drive to resolution.
  • Provide interpretation and guidance on Australian security clearances and security protocols to internal teams who do not understand or typically work with those kinds of boundaries in mind.
  • Maintain confidentiality, Operational Security (OpSec), and privacy without exception.
  • Collaborate across internal groups such as Datacenter Operations, Datacenter Physical Security, Capacity Planning, Human Resources (HR), Engineering Groups such as Microsoft Azure and Office 365, the broader Microsoft Australia Security Office (AUSO) and Corporate, External, and Legal Affairs (CELA).
  • Oversee assigned projects to ensure they are delivered in accordance with established requirements, deadlines, and applicable law and company policy.
  • Support a variety of physical security programs and initiatives as required.
  • Empower a culture of safety, security, and compliance in all aspects of our Datacenter operations.
  • Establish and enhance strong working relationships and engagement with our Engineering Groups (EGs), and Landlord partners (including contributing to MBRs, QBRs)
  • Flexibility to work non-business hours that may include weekends and/or holidays during security events/incidents.
  • deliver results through teamwork, role model our Microsoft values with a passion for diversity and inclusion.
  • Function as a physical security subject matter expert who can stand on their own to deliver work and represent the team, as well as lead their team to success through delegation.
  • Manage a team focused on enabling a trustworthy physical computing environment that protects customer data, intellectual property, people, and the critical infrastructure facilities in which they reside or operate.
  • Conduct and support physical security threat/risk assessments and site selection activities (using established processes and methodologies) at new and existing sites to ensure evolving threats and conditions remain appropriately addressed by the physical security program as deployed/operated.
  • Receive escalations/notifications of physical security and business impacting incidents/events and appropriately triage and assess, ensuring that leadership is made initially and continuously aware when appropriate, and that the appropriate personnel are managing the incident response effectively.
  • Ensure and enforce sustainable processes to ensure only authorized personnel receive physical access to restricted environments.
  • Partner and collaborate closely with peer leaders and stakeholders, focused on maintaining a One Microsoft, one team environment.
  • Continuously improve the efficiency and maturity of the overall physical security program.
  • Engage with internal and external customers as appropriate to evangelize and represent Microsoft’s datacenter physical security programs.
  • Maintain confidentiality, discretion, and protect Microsoft information without question.

Qualifications

Qualifications:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Basic

  • This position requires an Australian Security clearance at the TSPV Level.
  • Must have 5+ years’ experience successfully managing physical security operations programs for/or supporting the Australian Government (SCEC, ASD, AGSVA).
  • Must have prior experience as a Security Officer managing Australian Government personnel clearances.
  • Diploma in security or related discipline, or equivalent experience preferred.
  • Ability to be on-call 24x7x365 and to travel periodically as planned or unplanned within or outside of assigned region.
  • Must be an Australian citizen (pre-requisite for the required security clearance).
  • Must have and maintain the ability to travel within and occasionally outside of Australia, in both planned and unplanned scenarios.
  • Proficient in the use of Microsoft Office products for business.
  • Excellent working knowledge of PSPF, DSPF and ASIO Technical Notes.

.Preferred

  • Confident and skilled in preparing and delivering presentations and briefings to customers, senior leaders, and executives.
  • Comprehensive understanding of the physical security discipline, focusing on operations.
  • Highly organized, task oriented, self-starter that demonstrates a high degree of initiative and requires low supervision.
  • Strong work and compliance ethic, and the ability to effectively prioritize and execute tasks in a dynamic and high-pressure environment.
  • Thought leadership and subject matter expertise to deliver one or more large programs and services while increasing standardization, simplification, and automation.
  • Ability to change plans, goals, actions, and priorities in response to an evolving business environment with awareness to operate as a champion for course corrections when necessary.
  • Ability to develop, and maintain security related processes, procedures, program baselines, training, and improvement plans. Physical security management experience specifically involving datacenters, data processing, and/or IT environments.
  • Industry security certifications such as CPP, PSP, or HISP.
  • Experience with or exposure to regulatory and industry compliance frameworks and audits (e.g. ISO27001, SOC, PCI).
  • Confident and skilled in preparing and delivering presentations and briefings to customers, senior leaders, and executives.
  • Comprehensive understanding of the physical security discipline, focusing on operations.
  • Highly organized, task oriented, self-starter that demonstrates a high degree of initiative and requires low supervision.
  • Strong work and compliance ethic, and the ability to effectively prioritize and execute tasks in a dynamic and high-pressure environment.
  • Thought leadership and subject matter expertise to deliver one or more large programs and services while increasing standardization, simplification, and automation.
  • Ability to change plans, goals, actions, and priorities in response to an evolving business environment with awareness to operate as a champion for course corrections when necessary.
  • Ability to develop, and maintain security related processes, procedures, program baselines, training, and improvement plans. Physical security management experience specifically involving datacenters, data processing, and/or IT environments.
  • Industry security certifications such as CPP, PSP, or HISP.
  • Experience with or exposure to regulatory and industry compliance frameworks and audits (e.g. ISO27001, SOC, PCI).

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.