Privacy & Compliance Manager

Medicine, biology, and technology are rapidly converging. The future of health will be data-driven, predictive, and precise. Microsoft Health Futures is focused on empowering every person on the planet to live a healthier future. To this end, we are responsible for research, incubations, and moonshots that drive cross-company strategy, partnerships, and real-world impact across healthcare and life sciences. 

We are a global, inclusive, and diverse crew of researchers, scientists, engineers, biotechnologists, designers, social scientists, strategists, healthcare experts, and medical professionals. The Privacy & Compliance Manager will serve as the compliance lead for health data privacy across Microsoft Research life science, health and Artificial Intelligence (AI) incubation projects. This role is critical to ensuring regulatory alignment and privacy best practices in collaboration with research, security, legal, engineering, and external partners. The position also contributes to Responsible AI risk assessments, particularly in the context of biological and clinical data.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities

• Privacy Compliance Leadership: Oversee privacy reviews for onboarding and public release of data, models, audits, and other assets. Ensure compliance with GDPR, HIPAA, UK Data Protection Act, and other relevant regulations and alignment with Microsoft Policies and Standards and the broader Research Privacy Compliance program.   
• Stakeholder Engagement: Act as a privacy subject matter expert to engineering, research, legal, security, and compliance teams. Provide guidance on data handling, use, and retention.   
• Responsible AI Risk Management: Contribute to risk assessments and mitigations related to biosafety, data use, and AI deployment in health contexts. Serve as a proactive problem solver.   
• Collaborator Negotiations: Support external engagements and negotiations, working closely with cross-functional teams.   
• Release Management: Oversee internal release and compliance processes and implement and share best practices across Microsoft Health Futures and in close coordination with Microsoft Research central compliance team.   
• Project and Portfolio Management: Coordinate workstreams across teams ensuring alignment with broader Microsoft regulatory and compliance goals. Track milestones, dependencies, and deliverables across multiple initiatives.
• Embody our culture and values.

Qualifications

Required Qualifications

• Bachelor's Degree in Science, Business, Engineering, or related field AND 4+ years experience in business, legal/regulatory, compliance, audit/consulting firm in Life Science or MedTech
• OR equivalent experience.
• Current certification in at least one: CIPP/E, CIPP/US, AIGP or an equivalent credential demonstrating expertise in privacy, data protection, or information governance.
• Understanding of global health data regulations and familiarity with implementation of privacy compliance approaches (e.g., DPIAs).

Preferred Qualifications

• Bachelor's Degree in Science, Business, Engineering, or related field AND 5+ years experience in business, legal/regulatory, compliance, audit/consulting firm with focus in Life Science or MedTech
• Master's Degree in Science, Business, Engineering, or related field AND 3+ years experience in business, legal/regulatory, compliance, audit/consulting firm with focus in Life Science or MedTech
• OR equivalent experience. 
• Strategic thinker with a proactive and solutions-oriented approach to privacy risk management.
• Ability to handle multiple projects and stakeholders with accuracy and expediency.
• Adept at navigating matrixed organizations and collaborating across cross-functional teams.
• Familiarity with pharmaceutical or biological AI technologies and their regulatory implications.
• Understanding of and experience with open data and open-source licensing terms.
• Effective communication skills.

Compliance IC4 - The typical base pay range for this role across the U.S. is USD $96,500 - $188,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $123,500 - $206,400 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until October 3, 2025.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#Research