Microsoft Cyber Defense Operations Hub Incident Command Leader 

United States, Washington 

369720560

the Operations HubThe Operations Hub is the centerpiece of the Defense Operations organization andis responsible forcybersecurity incident coordination, cross-organizational communications, oversight and monitoring across Defense Operations, and continuous improvement of Defense Operations processes.

With theyou will lead ourwill be ensuring the function is coordinating incidents effectivelymanaging the coordination ofincident response activitiesso theyat pace with clear milestonesdefined, tracked, and communicated.

As a Leader of the Operations Hub and Incident Command, you will build the team at the center of Microsoft Cybersecurity Defense Organization.In this role, youwill also shape the broader framework to monitor and oversee the health and effectiveness of the broader Defense Operations ecosystem, helping to build scalable processes to monitor that cases and incidents are being handled in a timely manner with clear ownership and resolution and to drive continuous improvement to ensure our Cyber Defense Operation function remains agile, efficient, and at the cutting edge of threats and challenges.

Required Skills:

• 7+ years of experience incybersecurity, IT operations, or governance roles with a focus oncybersecurity incident response or crisis managementprocesses.
  • OR Master's Degree in Statistics, Mathematics, Computer Science or related field.
• 3+ years people management experience.
• Required understanding ofthe incident response lifecycle, including the processes and technologies thatassistwith incident response ANDexperience working in high scale, cloud architecture environments
• Ability to design and implementoperational processesand standards along withanalytical skills with the ability tosynthesize multiple andcomplex threadsand provide actionabledirections to other team members.
• Required communicationand collaboration skills to drive alignment across multiple teams and stakeholdersand to keep executives informed and aware of important topics.

Other Requirements:

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

• This position requires verification of citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or localgovernment agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport.

Preferred Skills:

• Bachelor's degree or more advanced degree in information technology, cybersecurity, or a related field.
• Experience withincident response or crisis management disciplines.
• Familiarity with Microsoft technologies and security frameworks.
• Experience in a large-scale enterprise environment with cross-functional teams.
• Experience distilling complex technical concepts into business-oriented outputs for executive consumption and understanding.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

• Microsoft will accept applications for the role until Jan 13^th, 2025.

• Strategic and OperationalLeadershiptooptimizeIncident Coordination and Communication capabilities across Microsoft’s Cyber Defense Operations.
• Build, mentor, and manage a high-performing team of incident response professionals, fostering a culture of collaboration, resilience, and continuous improvement.
• Drive training and readiness programs to enhance the team’s ability to handle emerging threats and crises.
• Oversee end-to-end incident lifecycleand enable continuous monitoring, analysis, and enhancement of cases and incidents across Defense Operations improve operational measures and response capabilities.
• Collaborate with cross-functional teams to ensure thatincident coordination and communicationprocesses are scalable, efficient, and aligned with organizational goals.
• Build strong partnerships acrossdefense,engineering, governance,complianceand security teamsto enabletimelyincident coordination.
• Establish metrics and reporting to measure the effectiveness ofincident coordination,identifyingand addressing gaps or inefficiencies.
• Establish metrics and reporting to measure the effectiveness of case handling and resolution across the Defense Operations organization.
• Drive process improvements, best practices, and automation opportunities to enhance themethods by which incidents are coordinated and related information is communicated across the organization.
• Ensure alignment with broader cybersecurity strategies, compliance requirements, and industry standards.