
Microsoft Director Security Research Incident Response 
Taiwan, Taoyuan City 
411789789

Today

Incident Response – You will operate in a fast-paced, dynamic environment, tackling sophisticated security incidents across cloud and on-premises environments on a daily basis.

Required Qualifications:

  • Master's Degree in Statistics, Mathematics, Computer Science or related field
    • OR 7+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection.
  • 1+ year(s) people management experience.
  • 5+ years customer-facing


Other Requirements:

  • Ability to meet Microsoft, customer and / or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter.


Preferred Qualifications:

  • Doctorate in Statistics, Mathematics, Computer Science or related field
    • OR 8+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection.
  • 2+ years people management experience.
  • Strong analytic, qualitative, and quantitative reasoning skills
  • Track record of successfully managing a technical business group and maintaining consistent growth
  • Recognized as a strategic leader who can hire, retain and motivate diverse quality talent
  • Experience leading both a services organization and product development function
  • Develop business strategy and provide technical thought leadership
  • Manage customer engagements escalations to ensure customer satisfaction
  • Advanced technical degree or equivalent experience
  • Advanced understanding of security technology and implementation principles with a focus on the cyber threat landscape
  • Solid oral and written communication, organizational and interpersonal skills
  • Knowledge of the legal and regulatory landscape related to security and privacy in an international environment
  • Executive presence, ability to influence senior IT and Global Risk leaders, CISO, CTO, CIOs
  • Experience leading a global cross-functional team
  • Experience with the following: opportunity identification, customer advocacy, conflict resolution, competitor intelligence, challenger mindset, business acumen and analysis, executive presence, strategic technical planning, technology industry knowledge, trusted technical advisor
  • Eligibility for a government security clearance
  • Demonstrated history of leading teams of Security threat hunting analysts, engineers and consultants to successfully investigate cases of advanced targeted exploitation or similar interactive hacking cases
  • Proven experience in helping enterprises manage vulnerabilities, measure security and ensure compliance
  • Recognized as a subject matter expert in various security disciplines with a deep understanding of real-world APT tools, tactics, and procedures
  • Cloud SaaS and PaaS experience and an understanding of investigations in those environments and leveraging cloud for investigation scale
  • Solid grasp of common cyber frameworks and models such as the MITRE ATT&CK, Cyber Kill Chain, Diamond Model, Pyramid of Pain, DeTT&CT and modern penetration testing techniques
  • International consulting experience is a plus

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:


Microsoft will accept applications for the role until October 2, 2025.

Responsibilities
  • People Management
  • Responsible for mentoring, managing and leading a team of cyber security analysts, engineers, developers, leads and incident managers
  • Managers deliver success through empowerment and accountability by modeling, coaching, and caring.
  • Model - Live our culture; Embody our values; Practice our leadership principles.
  • objectives
  • Care - Attract and retain great people; Know each individual’s capabilities and aspirations; Invest in the growth of others.
  • Strategic Initiatives
  • Secure partner relationships and work closely with internal product and services groups as well as co-delivering with Microsoft’s Partner ecosystem
  • Develop and mentor individual contributors through open communication, training and development opportunities and performance management processes.
  • Develop and maintain objectives, metrics and KPIs supporting the department’s strategic direction and continuously improve incident response technical
  • Communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily understood, authoritative, and actionable manner. Present to a wide range and size of audiences from IT Pro, to CxO
  • Technical leadership and executive presence to establish
  • in the expectation of discovering novel attacker techniques. Investigate and research these techniques, and partner with threat intelligence and security engineering to drive security tooling and product enhancements.
  • Synthesize threat data (telemetry) and evaluate the impact of current security trends, advisories, publications, and academic research, cascading learnings as necessary across partner teams and customers alike, and drive change in our approach to better combat these threats.
  • benefit containment and hardening of customer environments, while keeping knowledge and skills current with the rapidly changing threat landscape.
  • Similarly, share threat data with threat intelligence and engineering teams and drive research of threat actors and threat activity.
  • Interface closely with and influence security product owners
  • Drive the evolution of both proactive and reactive detection and investigation capabilities
  • Business Operations
  • Maintain a profitable business while developing a strategy for significant growth
  • Influence product direction through customer experience and feedback of product capabilities during crisis
  • directly with customers as a member of the engagement team, providing leadership and oversight to ensure profitability, high customer satisfaction, and operational excellence
  • Ensure delivery alignment with sales, and prioritize capacity and readiness planning against demand
  • to
  • Maintain business operations: Deliver against metrics, KPIs and other leading delivery operational and health indicators for our business unit. Responsible for technical and executive level reports on incident response issues.
  • Design, document, and implement detection and incident response processes, procedures, guidelines, and solutions. This involves operation and continually improving existing DART process, as well as the development of new processes in response to evolving threats and business requirements.
  • Ability to apply entrepreneurial and innovative mindset and attitude to adapt to the speed and agility needed for evolving business demands.
  • Excellent time management, writing and communication skills
  • Participating in a follow-the-sun on-call rotation
  • Short-notice travel will likely be 40% or higher as is demanded by the needs of our customers and our business.
  • This is a global position.
  • Off-time zone hours and weekend work are highly likely.
  • Position location is flexible.