Microsoft Security Operations - Incident Commander 

United States, Washington 

365243704

Overview With the continued evolution of the external threat landscape, Microsoft continues to be a prime target for a variety of threat actors and experiences an increasing number of attempts to breach its defenses. In this role, you will lead our Operations Hub function within the Cyber Defense Operations team. As Security Operations - Incident Commander, you will be ensuring the function is coordinating incidents effectively, managing the coordination of incident response activities so they move at pace with clear milestones defined, tracked, and communicated accurately. Who we are: Operations Hub is the oversight and coordination center to optimize operational aspects related to enterprise-wide detection and response efforts, to enable greater visibility and coordination internally and externally, while driving and managing response efforts.

Required Qualifications:

• 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response

  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.

Other Requirements

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

• 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
  • OR Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field.
• CISSP CISA CISM SANS GCIA GCIH OSCP Security+
• Dedicated understanding of the incident response lifecycle, including the processes and technologies that assist with incident response.
• Trusted and demonstrated ability to design and implement operational processes and standards.
• Proficient analytical skills with the ability to synthesize multiple and complex threads and provide actionable directions to staff.
• Sociable communication and collaboration skills to drive alignment across multiple teams and stakeholders and to keep executives informed and aware of important topics.
• Previous experience working in high scale, cloud architecture environments.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Responsibilities:

• Incident Coordination and Communication capabilities across Microsoft’s Cyber Defense Operations.
• Ensure standards are met for governance to ensure streamlined, consistent processes to ensure the health and productivity of the Defense Operations ecosystem.
• Develop and implement standardized procedures for coordinating large-scale adversary cybersecurity.
• Collaborate with cross-functional teams to ensure that incident coordination and communication processes are scalable, efficient, and aligned with organizational goals.
• Drive process improvements, best practices, and automation opportunities to enhance the methods by which incidents are coordinated and related information is communicated across the organization.

• Embody our