Overview
Microsoft is hiring a Europe-based cybersecurity attorney to help solve complex problems at the frontiers of regulation and technology, including rapid, AI-driven changes. Our new team member will help to enhance Microsoft’s security and increase trust in one of the planet’s most significant companies.
The Microsoft Corporate, Legal, and External Affairs (CELA) department seeks a highly motivated, experienced attorney based in Europe to join its Customer Security and Trust organization’s Cybersecurity Regulatory Affairs Team. The Cybersecurity Regulatory Affairs Team is focused on developing strategies to support cybersecurity regulatory compliance, providing cybersecurity compliance counseling, leading strategic compliance initiatives, reporting security incidents and responding to regulatory inquiries, and shaping the development of cybersecurity laws worldwide. Cybersecurity and cyber threats are some of the greatest and highest impact risks to organizations and the tech industry today. The attorney in this role will support cybersecurity and resilience compliance programs for laws and regulations around the world, with a focus on laws and regulations in Europe, including providing advice on requirements under European laws and engagement with regulatory authorities as needed. The attorney will serve as a cybersecurity expert helping Microsoft track, analyze, and shape legislation in the development phase, and then helping our businesses achieve their most important strategic goals through compliance and counsel, and thoughtful policy implementation.
Responsibilities
As part of a team of attorneys and working with our policy experts, review regulations around cybersecurity through the lens of compliance, articulating legal obligations for our product and services teams globally.
Provide strategic direction to other legal teams and business partners on specific issues and trends in cybersecurity, including AI security, and related legal compliance that will impact Microsoft’s businesses, our customers, and our ecosystem.
Support the company’s cybersecurity governance and oversight programs, including the Microsoft Cybersecurity Governance Council, which is led by the Microsoft Global CISO and Deputy CISOs, and Microsoft’s security committee for European operations.
Qualifications
Required/Minimum Qualifications:
Relevant experience in cybersecurity law, cybersecurity compliance, critical infrastructure, privacy, telecommunications, or digital safety, ideally in the EU’s DORA, NIS1 or NIS2 Directives, GDPR, and/or analogous regulations in other European states.
Additional or Preferred Qualifications
Fluency and facility with cyber risks, remediation, cybersecurity standards (e.g., NIST, ISO/IEC), frameworks, risk assessments or certification processes, ideally including a practical understanding of same.
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process.
