Microsoft Senior Technical Program Manager - Security Incident Response 

United States 

603030144

Required/Minimum Qualifications

• 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident respon
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
• 3 or more years of experience working in incident response
• Hands-on experience with incident response in cloud environments - Azure/M365 or competitive equivalents

Other Requirements:

• Abilityto meet Microsoft, customer and/or government security screening requirementsarerequired for this role. These requirementsinclude, butare not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Additional or Preferred Qualifications

• 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
  • OR Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field.
• CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and/or Security+ certification
• Effective communication and interpersonal skills
  
• Detail oriented and an ability to apply critical thinking
  
• Ability to work under pressure
  
• Ability to structure unstructured problems and provide clarity where ambiguity exists
  
• Ability to operate with autonomy
  
• Ability to influence others
  
• Bias for action
• Bachelor’s degree in Cybersecurity, Information Technology, or a related field
• Proficient with data query languages

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:Microsoft will accept applications for the role until November 22, 2024.

Incident response

• Incident commander focused on containment and eviction for large or complex security incidents
  
• Leads incident stakeholders including security architects, service engineers, investigators, and domain specific security engineering teams
  
• Drives the planning and execution of a containment and eviction plan of record
  
• Builds on existing systems, applies automation, and establishes self-service capabilities to scale response
  
• Briefs executive stakeholders on containment and eviction plans and associated status
  
• Maintains hands-on knowledge of mitigation steps for various asset types and contributes to self-service guidance for impacted engineering teams
  
• Participate in an on-call rotation

Technical program manager

• Maintains an inventory of containment and eviction capabilities
  
• Applies systems thinking to identify opportunities to improve efficiency, reduce time to mitigate, and reduce toil of containment and eviction activities
  
• Generates lean business cases to garner support for initiative prioritization and engineering investment
  
• Serves as the business stakeholder for engineering efforts and assists with operationalization of said capabilities
  
• Drives continuous improvement in process and tooling