Expoint - all jobs in one place

Microsoft Cybersecurity Incident Response Engineering Director 
United States 
477286296

09.07.2024

As the Director of America’s time zone, you will be responsible for DART’s largest and often busiest region, and will work collaboratively with the managers reporting to you, technical leaders, and Microsoft security all-up. You will work in a fast-paced, intellectually intense, constantly-evolving environment, and deal with complex customer challenges every day.

Required/Minimum Qualifications

  • 7+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection.
    • OR Master's Degree in Statistics, Mathematics, Computer Science or related field.
  • 1+ year(s) people management experience.

Additional or Preferred Qualifications

  • 8+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
    • OR Doctorate in Statistics, Mathematics, Computer Science or related field.
  • 2+ years people management experience.
  • 5+ years customer facing experience.
  • 5+ years people management experience.
  • Track record of successfully managing a technical business group and maintaining consistent growth.
  • Recognized as a strategic leader who has the ability to hire, retain and motivate diverse quality talent.
  • Experience leading both a services organization and product development function.
  • Develop business strategy and provide technical thought leadership.
  • Manage customer engagements escalations to ensure customer satisfaction.
  • Understanding of security technology and implementation principles with a focus on the cyber threat landscape.
  • Knowledge of the legal and regulatory landscape related to security and privacy in an international environment.
  • Executive presence, ability to influence upper-level IT and Global Risk leaders, CISO, CTO, CIOs.
  • Experience leading a global cross-functional team.
  • Experience with the following: opportunity identification, customer advocacy, conflict resolution, competitor intelligence, challenger mindset, business acumen and analysis, executive presence, strategic technical planning, technology industry knowledge, trusted technical advisor.
  • Experience with some of the following is a distinct advantage:
    • Demonstrated history of leading teams of Security threat hunting analysts, engineers and consultants to successfully investigate cases of advanced targeted exploitation or similar interactive hacking cases.
    • Experience in helping enterprises manage vulnerabilities, measure security and ensure compliance.
    • Demonstrated experience in various security disciplines with a deep understanding of real-world APT tools, tactics, and procedures.
    • Cloud SaaS and PaaS experience and an understanding of investigations in those environments and leveraging cloud for investigation scale.
    • Solid grasp of common cyber frameworks and models such as the MITRE ATT&CK, Cyber Kill Chain, Diamond Model, Pyramid of Pain, DeTT&CT and modern penetration testing techniques.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
Microsoft will accept applications for the role until July 22, 2024.

People Management

  • Managers deliver success through empowerment and accountability by modeling, coaching, and caring.
    • Model - Live our culture; Embody our values; Practice our leadership principles.
    • Coach - Define team objectives and outcomes; Enable success across boundaries; Help the team adapt and learn.
    • Care - Attract and retain great people; Know each individual’s capabilities and aspirations; Invest in the growth of others.

Conducting Research

  • Provides direction to teams to ensure efforts are dedicated to prioritized Security Research efforts in multiple projects in different security areas. Oversees teams researching the highest-priority security issues to fully investigate cause, motivation, and impact. Collaborates across teams to appropriately address and mitigate issues. Advocates for follow-through with senior leadership. Ensures feedback loops are active and inform future research efforts.
  • Ensures teams research, synthesize findings, and make recommendations aligned to key priorities for the business. Collaborates across teams, organizations, and leaders as needed to advocate for adoption of recommendations. Determines and ensures dissemination of research to those who most benefit. Balances value of dissemination over risk of divulging techniques. Builds and maintains relationships with stakeholders who benefit from research insight. Drives change within organization based on research findings. Leads team and role models contribution to professional community by publishing, advancing the Microsoft brand, creating and patenting IP. Maintains sustained interaction with research partners (e.g., industry, academia, government).

Solution Generation

  • Contributes to crafting standards to address complex security issues. Influences standards within and outside Microsoft. Provides guidance to others as needed. Leads teams to focus on highest priority issues. Guides team in developing and deploying models, best practices, and guidelines to address patterns of issues. Frames strategy for the team and empowers them to execute accordingly.
  • Works across multiple teams, divisions, and functional areas to support technical implementation of solutions and automation that increase the ability to harden against, detect, and mitigate issues (e.g., signature detection, malware, threat analysis, reverse engineering). Ensures teams develop and maintain areas of expertise, expands into new areas of expertise, and shares best practices across teams. Works across Microsoft to drive strategy across the organization. Drives alignment across organizations and may have impact outside Microsoft. Drives teams to use results from research and experimentation to drive architecture or product direction. Prioritizes efforts to further develop knowledge areas needed to drive direction in the industry.
  • Collaborates across teams to ensure progress. Ensures obligations are fulfilled while planning for future capabilities and potential. Provides oversight across functional areas. Fosters collaboration across teams and functional areas. Holds teams accountable to standards. Influences teams and partners to uphold and create new standards. Actively retires outdated/redundant standards. Drives for engineering efficiency and clarity in standards.

Orchestration

  • Works across multiple teams, divisions, and functional areas to provide technical perspective. Synthesizes perspectives to inform Microsoft position on security issues and prioritize points for advocacy. Influences Microsoft's standing in the industry. Builds structural relationships to enable streamlined and efficient communications and collaboration. Maintains one strategy across teams and organizations.
  • Defines processes and environments to protect tools, techniques, information and results of security practices. Ensures teams are properly handling information/secrets. Educates others on proper procedures. Coordinates efforts across teams and with senior leaders as needed.
  • Directs teams to lead postmortem and root cause analyses for complex and/or large-scale live site issues to create repair items, specifies tools and systems that support incident management, and mitigates and resolves issues across organizations. Guides teams to manage complete incidents with multiple bridges and ensures Incident Management System(s) are implemented, executives and customers are updated during and after incidents, and that quality postmortem and root-cause analysis processes are executed.
  • Oversees teams in security and architectural design reviews for suite of features. Uses empirical evidence to identify and develop best practices for designing, implementing and validating software. Manages costs and budget associated with security reviews. Advises, evaluates, informs, and applies Security by Design Principles to products, services and research.

Industry Leadership

  • Leads the work of technical experts and leverages expertise across a spectrum of specialties to ensure work is properly resourced and prioritized. Conveys critical technical issues to upper management in actionable terms. Advocates for accomplishments and needs of the teams. Persuades others to support key priorities. Establishes and maintains ethical behavior for the team in areas of subject matter expertise, including coordinated disclosure and ethical hacking. Drives participation in conferences and industry events. Ensures best practices are shared within and across teams.
  • Collaborates with leaders of other engineering teams to identify and propose potential business opportunities, services, and/or product offerings. Manages efforts to research, develop, and implement new tools, technologies, and/or processes that may improve the availability, reliability, efficiency, and/or performance of products. Leverages technical expertise to anticipate and identify trend changes and adapt work accordingly. Makes business recommendations, such as cost-benefit, invest-divest, forecasting, and impact analysis with effective presentations of findings.
  • Embody our