Senior Security Engineering Program Manager

The mission of Microsoft Digital Security & Resilience (DSR) is to enable Microsoft to build the most trusted devices and services, while keeping our company safe and our data protected. ​As part of the Microsoft Security organization, and a steward of Microsoft and our customer’s data, a core function of Microsoft DSR is ensuring the security of every aspect of the business. Microsoft DSR is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. As customer zero, we deploy and secure these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!  

As part of the DSR organization, the ACE (Assessment, Consulting, & Engineering) team offers security guidance and support to Microsoft’s enterprise. We help our customers identify and mitigate security risks in their applications, services, and infrastructure. To keep up with the dynamic cyber security landscape, where attackers use advanced tools and techniques to breach our defenses, our team promotes:

• Continuous learning to enhance our expertise and deliver high levels of security trust across our portfolio.
• Innovation to create automated solutions that enable us to perform our services efficiently and effectively at-scale.
• Close collaboration within our team and with our outside stakeholders so that we can provide  security assurance.

Working with teams from our newly acquired companies, you will make an impact as a Senior Security Engineering Program Manager for our Mergers & Acquisitions (M&A) Assurance program. Your role will involve identifying and addressing the root causes of security issues in their systems, as well as helping them adopt security best practices. You will also spot trends across security issues and processes and use your insights to develop recommendations to reduce risks and improve our workflows and standards. You will be part of a diverse and talented team of security professionals, who will support your learning and growth, and share your passion for our mission.

Responsibilities

• Perform security assessments and share security knowledge
• Implement our strategy of effective and efficient security processes to reduce risk for Microsoft’s enterprise
• Align the controls, platforms and tools that support the assurance processes with the current security trends and engineering models
• Work proactively with other security assurance and tooling teams across Microsoft to adopt a unified approach for at-scale security assurance
• Collaborate respectfully with customer engineering and business teams to inform them on security concepts

Embody our culture and values

Qualifications

Required/Minimum Qualifications

• 5+ years experience in software development lifecycle, large scale computing, modeling, cyber security, anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field
  • OR equivalent experience.

Other Requirements

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:
• This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Additional or Preferred Qualifications

• 6+ years experience in software development lifecycle, large scale computing, modeling, cyber security, anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field
  • OR equivalent experience.
• Certified Information Systems Security Professional (CISSP) Certification, Security+ Certification, or relevant certification.

Security Assurance IC4 - The typical base pay range for this role across the U.S. is USD $112,000 - $218,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $145,800 - $238,600 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications and processes offers for these roles on an ongoing basis.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#MSFTSecurity #DSR