Microsoft Senior Incident Coordination Manager 

Taiwan, Taoyuan City 

42980529

Security is the foremost concern for Microsoft and our customers in a world increasingly challenged by digital threats, regulatory demands, and estate complexity. The Microsoft Security organization accelerates Microsoft’s mission to ensure that our company and industry effectively secure digital technology platforms, devices, and clouds across our customers’ diverse environments, as well as our own internal systems. Within Microsoft Security, the CISO organization is dedicated to defending the Microsoft estate and protecting our customers and partners who rely on it with our approach reinforced by the Microsoft Secure Future Initiative (SFI), a company wide effort to evolve how we design, build, test, and operate our products and services to achieve the highest possible standards for security. Our strategy is anchored in stopping adversaries through the integration of advanced threat intelligence, proactive threat hunting, rock solid operations, sustainable governance, and the facilitation of automation and augmentation with AI to anticipate, detect, and neutralize even the most sophisticated attacks. We cultivate a culture focused on growth, excellence, and empowering our teams and leaders to perform at their highest level, leading to innovations that impact billions of lives around the world.

With the continued evolution of the external threat landscape, Microsoft continues to be a prime target for a variety of threat actors and experiences an increasing number of attempts to breach its defenses. In this role, you will lead a. You will be ensuring incidentsare managedby tracking the progress ofncident response activitiesso that response effortsat pace with clear milestones defined,and risk and progress iscommunicated accuratelyall relevant stakeholders.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Required Qualifications:

• 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), and information technology (IT) operations

  • OR Master's Degree in Statistics, Mathematics, Computer Science or related field.

• 3+ years people management experience.

• Understanding of the incident response lifecycle, including the processes and technologies that assist with incident response and experience working in high scale, cloud architecture environments

• Ability to design and implement operational processes and standards along with analytical skills with the ability to synthesize multiple and complex threads and provide actionable directions to other team members.

• Communication and collaboration skills to drive alignment across multiple teams and stakeholders and to keep executives informed and aware of important topics.

Other Requirements:

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter

Preferred Qualifications:

• 9+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomalydetection
  • ORDoctorate in Statistics, Mathematics, ComputerScienceor related field.
• 5+ years people management experience.
• 2+ years leading a security function (e.g., Security Operations Center [SOC],threatandvulnerabilitymanagement [TVM]).
• 2+years experienceleading multi-disciplinary teams.
• CISSP,CISA,CISM,SANS,GCIA,GCIH,OSCP, and/orSecurity+certification.

Security Operations Engineering M5 - The typical base pay range for this role across the U.S. is USD $137,600 - $267,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $180,400 - $294,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:Microsoft will accept applications for the role until April 14, 2025.

Core Responsibilities:

• Build, mentor, and manage a high-performing team of incident response professionals, fostering a culture of collaboration, resilience, and continuous improvement.
• Drive training and readiness programs to enhance the team’s ability to handle emerging threats and crises.
• Oversee end-to-end incident lifecycle and enable continuous monitoring, analysis, and enhancement of cases and incidents across Defense Operations improve operational measures and response capabilities.
• Collaborate with cross-functional teams to ensure that incident coordination and communication processes are scalable, efficient, and aligned with organizational goals.
• Build strong partnerships across defense, engineering, governance, compliance and security teams to enable timely incident coordination.
• Establish metrics and reporting to measure the effectiveness of incident coordination, identifying and addressing gaps or inefficiencies.
• Establish metrics and reporting to measure the effectiveness of case handling and resolution across the Defense Operations organization.
• Drive process improvements, best practices, and automation opportunities to enhance the methods by which incidents are coordinated and related information is communicated across the organization.