Sr Security Program Manager
Redmond, Washington
October 21, 2017
The Cloud + Enterprise Security Incident Management team is looking for an experienced security professional to enable partner and service teams to fulfill their security obligations, continually optimize services, and deliver a responsive data-driven engineering feedback loop across partner teams.

Our team is responsible for the security and privacy of the Microsoft Cloud. Our Security Incident Managers direct and manage the response to issues impacting the Microsoft cloud and our customers. We also direct targeted improvements to our services to make breaches less likely or limit their impact.

As the Senior Security Program Manager, you will regularly interface with the most senior leaders at Microsoft, up to and including the CEO and Senior Leadership Team. A successful candidate will be passionate about protecting customers from emerging security threats in an ever-evolving climate. If you enjoy being intimately involved in the latest security industry developments and are passionate about having a direct impact on the security of all cloud customers, this opportunity may be for you. We are a fast-paced team that constantly provides new opportunities to learn and grow. Your responsibilities will include driving security incidents that are either externally reported or internally detected. You will maintain the highest quality of work while driving projects to completion, balancing scope, schedule, competing priorities, project risks, and communications. You will work closely with other Security Operations, Forensics, and Engineering teams throughout Microsoft, as well as with marketing and public relations teams. Responding to threats in an expedited fashion involves on-call work at non-standard work hours. You will regularly make high-stakes decisions with executive visibility and company-wide impact on extremely short timelines with limited information. While this challenging work is not for everyone, the benefits related to these challenges are outstanding in providing new experiences, Microsoft-wide scope, visibility, and growth potential.

Specific functions include:

• Monitor & respond to security events, potential vulnerabilities, exposures, and policy compliance issues.

• Lead and direct response efforts across stakeholder and partner teams.

• Provide security incident response and management, investigation, and consultation from incident start to issue closure. Develop after action reports and repair items.

• Evaluate security advisories and vulnerabilities to determine potential impact to specific services and environments.

• Provide and interpret security service metrics, key performance indicators and other reporting data. Create executive summaries and brief colleagues, peers, and executive stakeholders on incident activity.

• Evaluate security risks and threat intelligence and develop strategies and tactics to defend against evolving conditions.

• Create technical documentation such as case records, troubleshooting guides, standard operating procedures, and frequently asked questions.


• In-depth knowledge and understanding of Security Risk and Threat Assessment methodologies.

• Windows and network analysis skills required.

• In-depth understanding of highly complex internet-based systems.

• A strong technical background or computer science degree.

• The ability to analyze problems and make appropriate decisions quickly.

• Ability to drive large, complex programs and solutions.

• Excellent interpersonal and group dynamic skills.

• Strong written & verbal communication and presentation.

• Experience in developing correlations between disparate event sources and data sets.

• Experience with managing multiple data sets and relational databases.

• Highly developed analytical skills and demonstrated judgement to make appropriate decisions quickly.

• Bachelor’s degree or equivalent experience.

• Strong comprehension of security trends, emerging threats and calculating risk to recommend/take proper courses of action.

Basic Qualifications:

• A minimum of 5 years’ experience with project management or incident response.

Ideal candidates should have familiarity with the following:

• Direct experience with security events or availability incidents is required.

• Security Information and Event Management (SIEM) systems

• Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

• Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

• Network and Host malware detection and prevention

• Network and Host forensic applications

• Windows Defender Advanced Threat Protection and similar security technologies

Preferred Qualifications:

• A B.A. or B.S. degree in Computer Science or a similar field, or equivalent experience.

• Experience with cloud-hosted services, web-based applications, and server/service management features.

• Strong working knowledge of security concepts such as encryption, public key infrastructure (PKI), transport layer security, HIDS/NIDS, and multi-factor authentication.

• Relevant industry certifications (CISSP, GCIH, GCFA, CGIA, etc.) a definite plus!

• Hands-on forensic and security investigation experience.

• Active transferable US Government Security Clearance. Candidates must be able to meet all federal government security screening requirements as indicated for this role.

• Federal security screening requirements call for applicants to verify U.S. citizenship.

• Additional customer screening requirements may include additional items such as, but not limited to: specialized agency background checks (either national or local) and fingerprinting, as well as the ability to obtain a government personnel security clearance.

The ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:

Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
