Microsoft Security Technical Program Manager 

United States, Washington 

559500337

e are looking to hire a

Required/Minimum Qualifications:

• Bachelor's Degree AND 2+ years experience in engineering, product/technical program management, data analysis, or product development
  • OR equivalent experience.
• 1+ year(s) experience managing cross-functional and/or cross-team projects.
• 2+ years of experinence working with industry standard enterprise offerings from leading cybersecurity platforms such as Azure security tech stack, Signal Science, Tenable,Microsoft Defender External Attack Surface Management (EASM), Splunk, BurpSuite Pro, AquaSec, Microsoft Defender
• 2+ years of experience working with Ubuntu/Linux

Preferred Skills:

• Industry certifications: Security+, Certified Information Security Manager (CISM)
• Experience building automated tooling solutions
• Experience with threat modeling and architecture reviews
• Experience with commercial static and dynamic security scanning tools
• Understanding and ability to communicate the techniques, tactics and practices of an attacker to engineers and business stakeholders who are part of a globally dispersed team
• Understanding of OSI protocols such as TCP/IP, UDP, HTTP, HTTPS
• Experience with assessment, development, implementation, integration, optimization, and documentation of a comprehensive and broad set of security technologies and processes within SaaS, IaaS, PaaS environments
• Proven experience with deploying and securing IaaS, PaaS and SaaS solutions using native cloud security controls as well as be familiar with products and solutions outside of native cloud security controls
• Ability to quickly and succinctly architect and create technical solution documentation

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:Microsoft will accept applications for the role until July 14, 2024.

• Develop high fidelity alerts and signals that is implemented codified with detection as code
• Deploy monitoring and threat simulation testing for security controls to validate efficacy improving on established frameworks
• Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
• Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
• Support security incident response in a cross-functional environment and drive incident resolution for internal and external threats
• Develop high fidelity alerts and signals that is implemented codified with detection as code
• Deploy monitoring and threat simulation testing for security controls to validate efficacy improving on established frameworks
• Design and implement attack testing automation to validate detection coverage and build logging pipelines using our custom datasets and infrastructure
• Improve the tooling of threat cluster tracking and intelligence data integration to existing systems and various intelligence feeds
• Respond to security alerts generated in security tooling, driving the incident response process to completion
• Provide advanced security event detection and threat analysis for complex and/or escalated security events
• Provide log/network/malware/device analysis and making recommendations for remediation of security vulnerability conditions
• Validate log sources and indexed data, search through indexed data to optimize search criteria
• Create custom alert schema, reports and custom dashboards
• Perform monitoring, research, assessment and analysis on all notable security events from a variety of technologies such as firewalls, intrusion detection systems, cloud services, endpoint security and operating system events
• Create and follow appropriate pre-defined procedures to further investigate security events and handle escalations to other required personnel as necessary

• Embody our