Kim Lucy

Kim Lucy Email and Phone Number

Director of GRC Standards at Microsoft
Redmond, Washington, United States
Kim Lucy's Location
Seattle, Washington, United States
About Kim Lucy

I've formed my career around the place where standards, compliance, regulation, and public policy intersect. I'm deeply curious and happiest when I am able to learn new things and be challenged frequently--I've worked as an expert writing standards in cybersecurity, privacy, and AI (along with building databases and BI dashboards, analyzing regulatory trends, and a career in academia prior to IT). I've often been described as a "translator," or the key piece between organizations or individuals who aren't speaking the same language, whether it's engineers and legal, standards and policy, or different organizations in the same industry with slightly different goals. I enjoy coming up with creative technical and policy solutions that serve the needs of diverse stakeholders. I also love working with and managing global teams and believe travel is the best way to learn about the world and yourself.

Kim Lucy's Current Company Details
Microsoft

Director of GRC Standards at Microsoft
Redmond, Washington, United States
Website:
microsoft.com
Employees:
189892
Kim Lucy Work Experience Details
  • Microsoft
    Director Of Standards
    Microsoft Sep 2020 - Present
    I currently work in the Corporate Standards Group in Microsoft's Privacy and Regulatory Affairs organization. I manage a team that is responsible for our organization's strategic approach to governance, risk, and compliance within the tech standards domains we engage in (AI, privacy, cybersecurity). We rely heavily on a data analytics approach to ensure alignment with regulatory requirements across the world and work across the company with engineering teams, legal, regulatory and government affairs, compliance, and sales/marketing to help implement and advocate for international standards.
  • Microsoft
    Sr. Privacy Program Manager
    Microsoft Dec 2016 - Sep 2020
    Redmond, WA
    Worked in the Program Management and Operations arm of the Privacy and Regulatory Affairs org. I primarily focused on issues surrounding responsible data use and governance and created data models and visualizations for more accurately understanding privacy impacts to personal data. I also worked with the Corporate Standards Group, which works with international organizations to help shape, revise, and draft global standards (e.g. ISO 27018, ISO 27001/2). I was a primary contributor to the ISO/IEC 27701 standard (Privacy Information Management System, or PIMS), leveraging my data analysis skills to align contributions with GDPR and other global privacy requirements.
  • Microsoft
    Sr. Information Security Program Manager
    Microsoft Feb 2015 - Dec 2016
    Built and managed supplier security risk program for Cloud & Enterprise:
    - Developed contractual security and compliance terms and support contract negotiations
    - Drafted policy guidance for supplier security
    - Developed and implemented supplier security risk assessment methodology
    - Assessed and remediated supplier security risk
    - Defined requirements and worked with engineering to solve for scalability across supplier population
  • Microsoft
    Sr. Information Security Compliance Program Manager
    Microsoft Dec 2011 - Mar 2015
    Redmond, WA
    Managed ISO 27001 compliance activities for internal Microsoft groups including coordinating prep activities and external audits; identified and remediated compliance and security impacting issues in complex cloud environments; drafted and managed compliance requirements for third parties and assisted in contract negotiations; completed gap assessments against new standards and requirements and recommended changes to ensure compliance; managed vendor resources that support compliance programs.
  • Ernst & Young
    Advisory Services
    Ernst & Young Jul 2009 - Dec 2011
    Evaluated security and reliability of IT systems for diverse companies as support for financial audits, including SOX audits; worked with clients to walk through, understand, and document business processes; assessed processes and controls for compliance with security standards such as ISO 27001, NIST 800-53, and PCI; provided guidance to clients on adoption of new security standards, including gap assessments against those requirements.
  • University Of Washington
    Teaching Assistant, Info 360 (User-Centered Design)
    University Of Washington Mar 2009 - Jun 2009
    Supported two classes of Info 360 (over 70 students). Duties included updating website materials and content, teaching classes, grading assignments, contributing coursework ideas, and mentoring students. Course focused on User-Centered design methodologies and practices.
  • University Of Washington
    Student
    University Of Washington Sep 2007 - Jun 2009
    Graduated with my MS in Information Management in June 2009.
  • Weyerhaeuser
    Web Services Business Analyst Intern
    Weyerhaeuser Jun 2008 - Dec 2008
    Worked with customers to determine requirements and verify business value for web-based technologies such as digital media, custom web applications, intranet sites and portals, and external websites; project delivery lead and SCRUM master for a custom web application developed for a marketing team; worked with cross-functional teams of analysts, developers, and testers.
  • University Of Washington
    Teaching Assistant, Art History
    University Of Washington Sep 2004 - Jun 2007
    Led four to six classes per week of 50-75 students. Responsible for review of materials, personal help, and grading. Collaborated in a team environment with Professors and other Teaching Assistants to develop learning materials, exams, and paper topics.

Kim Lucy Skills

Information Security, Requirements Gathering, Software Documentation, IT Audit, Information Management, Information Technology, SharePoint, Business Process, Risk Assessment, Information Architecture, Visio, Cross Functional Team Leadership, Scrum, Program Management, Privacy, GDPR, ISO Standards, Data Analysis, Database Design, Cloud Computing, ISO 27001, Power BI, ISO 27001 Lead Auditor, Project Management, Security

Kim Lucy Education Details

Frequently Asked Questions about Kim Lucy

What company does Kim Lucy work for?

Kim Lucy works for Microsoft.

What is Kim Lucy's role at the current company?

Kim Lucy's current role is Director of GRC Standards at Microsoft.

What is Kim Lucy's email address?

Kim Lucy's email address is ki****@****ail.com

What is Kim Lucy's direct phone number?

Kim Lucy's direct phone number is +142542*****

What schools did Kim Lucy attend?

Kim Lucy attended University Of Washington, University Of Washington, University Of Washington.

What skills is Kim Lucy known for?

Kim Lucy has skills like Information Security, Requirements Gathering, Software Documentation, IT Audit, Information Management, Information Technology, SharePoint, Business Process, Risk Assessment, Information Architecture, Visio, Cross Functional Team Leadership.

Who are Kim Lucy's colleagues?

Kim Lucy's colleagues are Amit Kumar, Bradley Wright, Arun Bk, Daniel Davsky, Shayden Powell, Eric Steinman, Manije Neko.
