About The Position

This role is responsible for helping mature and scale a governance framework that enables employees to safely build and use Microsoft Copilot Studio agents and Power Platform solutions across a global financial enterprise. The focus is on security, compliance, and operational governance for citizen development at scale, spanning multiple Microsoft 365 tenants with varied regulatory requirements across regions. The ideal candidate will help design the policies, controls, and support systems that ensure innovation on the Power Platform and Copilot Studio is secure, compliant, and well-managed without stifling agility. This role emphasizes enablement over solution delivery: instead of building individual apps or bots, you will empower an enterprise to build them responsibly.

Requirements

  • Bachelor's degree in Computer Science, Software Engineering, or related field.
  • 8+ years of experience in IT governance, security, or compliance, with at least 3 years focused on low-code/no-code platform governance.
  • 5+ years of hands-on experience administering and governing Microsoft Power Platform in a large enterprise (Power Apps, Power Automate, Power BI, Dataverse).
  • In-depth understanding of Microsoft Power Platform architecture and administration: environment strategy, DLP policies, security roles/permissions, solution lifecycle (ALM) management, and Dataverse data governance.
  • Experience with Microsoft 365 Copilot and Copilot Studio features — ideally including participation in deployments at scale and configuration of agent lifecycle, actions, and integrations in alignment with compliance needs.
  • Strong understanding of security frameworks, compliance requirements, and risk management in a financial context.
  • Experience developing and implementing enterprise-wide governance policies.
  • Familiarity with regulatory compliance requirements for data and AI in finance (e.g., GDPR, CCPA, SOX, data privacy, records retention).
  • Demonstrated ability to design controls and produce documentation for audit purposes.
  • Hands-on experience with Microsoft Purview compliance portal features (DLP configurations, sensitivity labels, data classification, retention policies) and an understanding of how Purview's AI-related controls govern Copilot usage.
  • Familiarity with Microsoft Defender suite (Defender for Cloud Apps, Identity, Endpoint).
  • Proficiency in Microsoft Entra ID (formerly Azure AD) administration: conditional access, enterprise app permissions and consent, cross-tenant access settings, and core identity security practices.
  • Knowledge of CI/CD pipelines and DevOps practices for managing Power Platform components (solutions in source control, automated build/deploy).
  • Ability to script or automate administrative tasks (PowerShell, Power Platform for Admins connectors) for scaling governance operations.
  • Experience implementing monitoring and reporting solutions (e.g., Power BI dashboards, CoE Starter Kit analytics).
  • Strong strategic thinking and planning abilities.
  • Track record of successful stakeholder management and cross-functional collaboration.
  • Proven ability to influence without direct authority.
  • Experience in change management and organizational transformation.
  • Ability to balance governance requirements with business agility, ensuring that controls mitigate risk without unnecessarily hampering productivity.
  • Excellent communication abilities to articulate technical concepts across organizational levels.

Nice To Haves

  • Microsoft Power Platform certifications.
  • Security/compliance certifications (CISSP, CISM) or cloud certifications (Azure Administrator, Azure Security Engineer).
  • AI certifications (e.g., AI-102 Azure AI Engineer Associate) indicating familiarity with AI services.
  • Hands-on experience with governance solutions such as AvePoint Cloud Governance for M365/Power Platform that help manage multi-tenant environments.
  • Experience guiding an organization through a large-scale platform adoption or transformation initiative (e.g., rolling out Teams, SharePoint, or Power Platform globally with proper governance).
  • Familiarity with organizational change management techniques and champion network models.
  • Experience with AI/LLM governance or Responsible AI frameworks.
  • Knowledge of how autonomous agents, retrieval-augmented generation, and advanced AI capabilities create new governance requirements.
  • Understanding of how Copilot agents should be positioned as decision-support tools rather than autonomous decision-makers in regulated environments.
  • Prior work in banking, insurance, or capital markets IT.
  • Understanding of how financial enterprises conduct risk management and auditing.
  • Experience with multi-national regulatory compliance — for example, navigating data sovereignty by restricting certain data to certain geographic tenants.

Responsibilities

  • Develop and enforce enterprise-wide governance frameworks for Copilot Studio and Microsoft Power Platform in a multi-tenant environment.
  • Define the policies, standards, and guardrails that ensure all low-code/no-code development is secure, compliant, and aligned with organizational objectives and data security standards.
  • Lead development and implementation of comprehensive data protection, security, and compliance measures for citizen-developed solutions, ensuring alignment with organizational goals and financial industry regulations (e.g., SOX, GDPR).
  • In partnership with Information Security, Compliance, and Privacy teams, ensure solutions adhere to internal policies and regulatory requirements.
  • Coordinate governance across multiple Microsoft 365 tenants as applicable.
  • Develop strategies for cross-tenant consistency in DLP policies, environment configuration, and identity governance.
  • Leverage multi-tenant management capabilities (such as Microsoft Entra cross-tenant access settings) and third-party governance tools to manage at scale.
  • Help operate the Power Platform CoE, including ownership of the Microsoft CoE Starter Kit tooling for monitoring and governance.
  • Create and maintain environment management strategies — including creating new environments, managing the dev/test/prod lifecycle, and geographic tenant segmentation — to enable controlled solution development and deployment.
  • Review and approve environment creations and manage tenant-level settings in line with governance policies.
  • In collaboration with Enterprise Security, help implement Data Loss Prevention (DLP) policies on two levels: (1) Power Platform DLP policies in the Power Platform admin center, which govern connector and data source usage and thereby control what apps, flows and agents can do: which connectors they may use, which knowledge sources are accessible, and which publishing channels are permitted; and (2) Microsoft Purview DLP policies in the Purview compliance portal, which monitor and prevent leakage of sensitive data through Copilot/AI interactions and thereby control what data can flow through them.
  • Leverage Microsoft Purview (data classification, sensitivity labels, DLP policies, retention, and compliance concepts), Defender for Cloud Apps, and Entra ID (Azure AD) to enforce security.
  • Work with the team to configure conditional access policies and app permissions via Entra ID to secure Power Platform applications and Copilot agents.
  • Use Microsoft Defender and Defender for Cloud Apps (formerly Cloud App Security) policies to detect anomalies in Power Platform usage.
  • Help the team manage the inventory of connectors (standard and custom) available to makers.
  • Maintain a categorized connectors list in DLP policies (Business, Non-Business, Blocked) to prevent unauthorized data flows.
  • Evaluate and approve new connectors after security review and enforce least-privilege access for service accounts.
  • Where applicable, implement solutions such as AvePoint Cloud Governance to automate enforcement of policies.
  • Work with the Identity team to ensure appropriate role-based access controls (RBAC) and permissions within the Power Platform.
  • Configure Environment Maker and Environment Admin roles, and govern the use of service principals.
  • If multiple tenants are in play, set up cross-tenant access settings and help set up B2B collaboration policies for approved sharing while blocking ad-hoc routes that bypass governance.
  • Oversee application lifecycle management (ALM) for Power Platform solutions and Copilot agents.
  • Define how solutions move from development to production, and ensure every app, flow, and agent has an assigned owner and support plan.
  • Design and implement monitoring and compliance reporting systems for platform usage, providing visibility into platform performance and adherence to established standards.
  • Use Power Platform CoE Starter Kit dashboards and custom telemetry to track metrics: active makers, app launches, flow runs, connector usage, DLP policy hits, etc.
  • Design and implement automated security scanning and deployment strategies for low-code/no-code initiatives, ensuring efficient and streamlined workflows that catch compliance issues before production deployment.
  • Act as liaison between the CoE and departments such as Cybersecurity, Compliance, Legal, and IT Operations.
  • Collaborate to continuously refine policies, engage with Data Privacy officers to update DLP classifications, and work with Internal Audit and Risk teams to provide evidence of controls.
  • Help the AI adoption team develop training programs and guidance for citizen developers on secure and compliant development practices.
  • Work closely with citizen developers and power users to guide on best practices and educate and empower them to leverage the Power Platform effectively.
  • Remain focused on enabling others. Rather than building solutions for business use cases directly, equip business units to build their own solutions safely.
  • Create reusable components, reference architectures, and guardrail documentation so teams can accelerate projects without bypassing controls.
  • In some cases, develop proof-of-concept automations or Copilot agents to demonstrate new governed capabilities, which can then be scaled by business-led teams.
  • Continuously monitor evolving regulatory guidelines in financial services (e.g., FFIEC guidance on AI, data privacy requirements) that could impact low-code AI solutions.
  • Update governance policies proactively to address new compliance obligations or security threats.
  • Stay current on Microsoft's roadmap for Copilot, Power Platform, and related governance tooling.
  • As the organization moves from simple Copilot usage to building more advanced AI agents (possibly with Azure AI Foundry or Microsoft Agent 365), ensure the governance model scales accordingly.
  • Define KPIs to measure the program's success: growth in compliant citizen development, time-to-market for solutions, percentage of apps/flows passing compliance checks, DLP incident counts, cost savings from license optimization.
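As an added illustration of the DLP bullets above (the categorized Business, Non-Business and Blocked connector groups) and of the pre-deployment compliance scanning bullet, the following Python is example code written for this page; it is not code from the posting, from the CoE Starter Kit, or from Microsoft. It encodes the rules a Power Platform DLP policy enforces: a Blocked connector may not be used at all, Business and Non-Business connectors may not be combined in one app or flow, and any connector the policy does not name falls into the policy's default group. The policy, its connector assignments, the artifact inventory and the `deployment_gate` helper are all constructed for the example; the connector ids follow the platform's naming scheme but the grouping is illustrative.

```python
"""Evaluate a solution inventory against a Power Platform-style DLP policy.

Added example, not code from the job posting or from Microsoft. Rule set
mirrored from Power Platform DLP: connectors are grouped as Business,
Non-Business or Blocked; one app/flow/agent may not combine Business and
Non-Business connectors, and may not use a Blocked connector at all.
Connectors the policy does not list land in the policy's default group.
"""
from dataclasses import dataclass

BUSINESS = "Business"          # shown as "Confidential" in the admin API
NON_BUSINESS = "Non-Business"  # shown as "General" in the admin API
BLOCKED = "Blocked"


@dataclass
class DlpPolicy:
    name: str
    groups: dict[str, str]             # connector id -> one of the three groups
    default_group: str = NON_BUSINESS  # where unlisted connectors land

    def classify(self, connector: str) -> str:
        return self.groups.get(connector, self.default_group)


@dataclass(frozen=True)
class Finding:
    artifact: str
    kind: str    # "blocked_connector" or "group_mixing"
    detail: str


def evaluate_artifact(policy: DlpPolicy, artifact: str, connectors) -> list[Finding]:
    """Return the DLP violations one app, flow or agent would trigger."""
    by_group: dict[str, list[str]] = {}
    for c in sorted(set(connectors)):
        by_group.setdefault(policy.classify(c), []).append(c)

    # Rule 1: any Blocked connector is a violation on its own.
    findings = [
        Finding(artifact, "blocked_connector", f"{c} is in the Blocked group of {policy.name}")
        for c in by_group.get(BLOCKED, [])
    ]
    # Rule 2: Business and Non-Business connectors cannot share one artifact,
    # which is what stops a business data source draining into a consumer sink.
    business = by_group.get(BUSINESS, [])
    non_business = by_group.get(NON_BUSINESS, [])
    if business and non_business:
        findings.append(Finding(
            artifact, "group_mixing",
            f"Business {business} and Non-Business {non_business} mixed in one artifact",
        ))
    return findings


def evaluate_inventory(policy: DlpPolicy, inventory: dict[str, list[str]]) -> dict[str, list[Finding]]:
    """Map every artifact name to its findings (an empty list means compliant)."""
    return {name: evaluate_artifact(policy, name, conns) for name, conns in inventory.items()}


def deployment_gate(policy: DlpPolicy, inventory: dict[str, list[str]]) -> bool:
    """Pre-production check: True only when no artifact violates the policy."""
    return not any(evaluate_inventory(policy, inventory).values())


# Constructed sample policy (illustrative grouping, not a real tenant export).
SAMPLE_POLICY = DlpPolicy(
    name="Finance-Global-Baseline",
    groups={
        "shared_commondataserviceforapps": BUSINESS,  # Dataverse
        "shared_sharepointonline": BUSINESS,
        "shared_office365": BUSINESS,                 # Office 365 Outlook
        "shared_rss": NON_BUSINESS,
        "shared_twitter": BLOCKED,
        "shared_dropbox": BLOCKED,
    },
    default_group=NON_BUSINESS,
)

# Constructed sample inventory: artifact name -> connectors it references.
SAMPLE_INVENTORY = {
    "ExpenseApproval (flow)": ["shared_commondataserviceforapps", "shared_office365"],
    "TweetDigest (flow)": ["shared_rss", "shared_twitter"],
    "LeakyExport (app)": ["shared_sharepointonline", "shared_rss"],
    "UnlistedConnector (flow)": ["shared_commondataserviceforapps", "shared_acme_custom"],
}

if __name__ == "__main__":
    for name, findings in evaluate_inventory(SAMPLE_POLICY, SAMPLE_INVENTORY).items():
        status = "OK" if not findings else "; ".join(f"{f.kind}: {f.detail}" for f in findings)
        print(f"{name}: {status}")
    print("gate passed:", deployment_gate(SAMPLE_POLICY, SAMPLE_INVENTORY))
```

The fourth sample artifact is the case that bites in practice: a custom connector nobody added to the policy is not "unknown", it silently takes the default group, so a Dataverse-plus-custom-connector flow is flagged as group mixing under a Non-Business default and as a blocked connector under a Blocked default. Running the gate with the tenant's real default group, rather than assuming one, is the check worth building into the pipeline.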

Benefits

  • Competitive benefits package
  • Comprehensive health and wellness benefits
  • Retirement plans
  • Educational assistance and training programs
  • Income replacement for qualified employees with disabilities
  • Paid maternity and parental bonding leave
  • Paid vacation, sick days, and holidays
  • Discretionary performance-based bonus and/or incentive compensation
© 2024 Teal Labs, Inc