Microsoft Ai & Automation Governance Engineer – Productivity Intelligence (Financial Services), VP
MUFG · Jersey City, NJ · 2 mo ago
On-siteFinance$127–$205/hrFull-time
Role Summary
This role is responsible for helping mature and scale a governance framework that enables employees to safely build and use Microsoft Copilot Studio agents and Power Platform solutions across a global financial enterprise.
Key Responsibilities
Governance Framework & Policy Leadership
- Develop and enforce enterprise-wide governance frameworks for Copilot Studio and Microsoft Power Platform in a multi-tenant environment.
- Define the policies, standards, and guardrails to ensure all low-code/no-code development is secure, compliant, and aligned with organizational objectives, compliance standards, and data security.
- Lead development and implementation of comprehensive data protection, security, and compliance measures for citizen-developed solutions, ensuring alignment with organizational goals and financial industry regulations (e.g., SOX, GDPR).
- In partnership with Information Security, Compliance, and Privacy teams, ensure solutions adhere to internal policies and regulatory requirements.
Multi-Tenant Oversight
- Coordinate governance across multiple Microsoft 365 tenants as applicable.
- Develop strategies for cross-tenant consistency in DLP policies, environment configuration, and identity governance.
- Leverage multi-tenant management capabilities (such as Azure Entra cross-tenant policies) and third-party governance tools to manage at scale.
Center of Excellence (CoE) Management
- Help operate the Power Platform CoE, including ownership of the Microsoft CoE Starter Kit tooling for monitoring and governance.
- Create and maintain environment management strategies — including creating new environments, managing the dev/test/prod lifecycle, and geographic tenant segmentation — to enable controlled solution development and deployment.
- Review and approve environment creations and manage tenant-level settings in line with governance policies.
Security & Compliance Controls
- Working in collaboration with Enterprise Security help implement Data Loss Prevention (DLP) policies on two levels:
- (1) Power Platform DLP policies in the Power Platform Admin Center to govern connector and data source usage, controlling what agents can do — which connectors they may use, which knowledge sources are accessible, and which publishing channels are permitted;
- (2) Microsoft Purview DLP policies in the Purview compliance portal to monitor and prevent leakage of sensitive data through Copilot/AI interactions, controlling what data can flow through them.
- Microsoft Security & Compliance Tooling:
- Leverage Microsoft Purview (data classification, sensitivity labels, DLP policies, retention, and compliance concepts), Defender for Cloud Apps, and Entra ID (Azure AD) to enforce security.
- Work with the team to configure conditional access policies and app permissions via Entra ID to secure Power Platform applications and Copilot agents.
- Use Microsoft Defender and Cloud App Security policies to detect anomalies in Power Platform usage.
- Connector and API Governance:
- Help the team manage the inventory of connectors (standard and custom) available to makers.
- Maintain a categorized connectors list in DLP policies (Business, Non-Business, Blocked) to prevent unauthorized data flows.
- Evaluate and approve new connectors after security review and enforce least-privilege access for service accounts.
AvePoint or Third-Party Governance Integration (Bonus)
- Where applicable, implement solutions such as AvePoint Cloud Governance to automate enforcement of policies.
Identity & Access Management
- Work with the Identity team to ensure appropriate role-based access controls (RBAC) and permissions within the Power Platform.
- Configure Maker and Environment Admin roles, and govern the use of service principals.
- If multiple tenants are in play, set up cross-tenant access settings and help setup B2B collaboration policies for approved sharing while blocking ad-hoc routes outside of governance.
Operational Governance & Monitoring
- Solution Lifecycle & ALM:
- Oversee application lifecycle management (ALM) for Power Platform solutions and Copilot agents.
- Define how solutions move from development to production — Ensure every app, flow, and bot has an assigned owner and support plan.
- Monitoring & Reporting:
- Design and implement monitoring and compliance reporting systems for platform usage, providing visibility into platform performance and adherence to established standards.
- Use Power Platform CoE Starter Kit dashboards and custom telemetry to track metrics: active makers, app launches, flow runs, connector usage, DLP policy hits, etc.
- Automated Security Scanning:
- Design and implement automated security scanning and deployment strategies for low-code/no-code initiatives, ensuring efficient and streamlined workflows that catch compliance issues before production deployment.
Collaboration & Enablement
- Stakeholder Engagement:
- Liaison between the CoE and departments such as Cybersecurity, Compliance, Legal, and IT Operations.
- Collaborate to continuously refine policies, engage with Data Privacy officers to update DLP classifications, and work with Internal Audit and Risk teams to provide evidence of controls.
- Training & Community Building:
- Help the AI adoption team develop training programs and guidance for citizen developers on secure and compliant development practices.
- Work closely with citizen developers and power users to guide on best practices and educate and empower them to leverage the Power Platform effectively.
- Enterprise Enablement vs. Solution Delivery:
- Remain focused on enabling others. Rather than building solutions for business use cases directly, equip business units to build their own solutions safely.
- Create reusable components, reference architectures, and guardrail documentation so teams can accelerate projects without bypassing controls.
- Continuous Improvement & Innovation
- Regulatory Watch:
- Continuously monitor evolving regulatory guidelines in financial services (e.g., FFIEC guidance on AI, data privacy requirements) that could impact low-code AI solutions.
- Update governance policies proactively to address new compliance obligations or security threats.
- Emerging AI Governance:
- As the organization moves from simple Copilot usage to building more advanced AI agents (possibly with Azure AI Foundry or Microsoft Agent 365), ensure the governance model scales accordingly.
- Value Articulation & Metrics
- Define KPIs to measure the program's success: growth in compliant citizen development, time-to-market for solutions, percentage of apps/flows passing compliance checks, DLP incident counts, cost savings from license optimization.
Education & Experience
- Bachelor's degree in Computer Science, Software Engineering, or related field.
- 8+ years of experience in IT governance, security, or compliance, with at least 3+ years focused on low-code/no-code platform governance.
- 5+ years of hands-on experience administering and governing Microsoft Power Platform in a large enterprise (Power Apps, Power Automate, Power BI, Dataverse).
Power Platform & Copilot Expertise
- In-depth understanding of Microsoft Power Platform architecture and administration: environment strategy, DLP policies, security roles/permissions, solution lifecycle (ALM) management, and Dataverse data governance.
- Experience with Microsoft 365 Copilot and Copilot Studio features — ideally including participation in deployments at scale and configuration of agent lifecycle, actions, and integrations in alignment with compliance needs.
Security & Compliance Knowledge
- Strong understanding of security frameworks, compliance requirements, and risk management in a financial context.
- Experience developing and implementing enterprise-wide governance policies.
- Familiarity with regulatory compliance requirements for data and AI in finance (e.g., GDPR, CCPA, SOX, data privacy, records retention).
- Demonstrated ability to design controls and produce documentation for audit purposes.
- Hands-on experience with Microsoft Purview compliance portal features — DLP configurations, sensitivity labels, data classification, retention policies— and understanding of how Purview's AI-related controls manage Copilot usage.
- Familiarity with Microsoft Defender suite (Defender for Cloud Apps, Identity, Endpoint).
- Proficiency in Azure Entra ID (Azure AD) administration — conditional access, enterprise app permissions, cross-tenant access settings, security basics (AAD/Entra).
- Knowledge of CI/CD pipelines and DevOps practices for managing Power Platform components (solutions in source control, automated build/deploy).
- Ability to script or automate administrative tasks (PowerShell, Power Platform for Admins connectors) for scaling governance operations.
- Experience implementing monitoring and reporting solutions (e.g., Power BI dashboards, CoE Starter Kit analytics).
Leadership & Soft Skills
- Strong strategic thinking and planning abilities.
- Track record of successful stakeholder management and cross-functional collaboration.
- Prominent ability to influence without direct authority.
- Experience in change management and organizational transformation.
- Ability to balance governance requirements with business agility— ensuring that controls mitigate risk without unnecessarily hampering productivity.
- Excellent communication abilities to articulate technical concepts across organizational levels.