Work in Washington Veterans Jobs

Job Information

Microsoft Corporation Senior Security Engineering Manager Cloud in Redmond, Washington

Cloud Operations and Innovation (CO+I) is the engine that powers Microsoft's cloud services. The team is responsible for designing, building and operating our unified global datacenters; managing the demand planning and capacity utilization of our unified infrastructure; and all of the operations needed to run the physical infrastructure (including supply chain, hardware, power, security, and workflow teams). We focus on smart growth with an emphasis on automation, data-driven engineering, cost-effectiveness, and environmental sustainability.

We deliver the core infrastructure and foundational technologies for Microsoft's over 200 online businesses including Bing, MSN, Office 365, Xbox Live, Skype, OneDrive and the Microsoft Azure platform. Our infrastructure is comprised of a large global portfolio of more than 100 datacenters and over 1 million servers. Our portfolio is built and managed by a team of subject matter experts working 24x7x365 to support services for more than 1 billion customers and 20 million businesses in over 90 countries worldwide.

This core infrastructure is a target for cyber criminals, hacktivists, and nation-state adversaries that seek to bring harm to our businesses, customers, and staff. Holding the line against these threats is the Datacenter Cyber Defense and Industrial Networking team! We are Microsoft’s industrial strength security team!

With a focus on safety, resiliency, and recovery, the Datacenter Cyber Defense and Industrial Networking team is responsible for fielding and operating our datacenters' cyber security systems, controls and processes that protect and defend Microsoft’s datacenters' operational technologies (OT), industrial scenarios, and other mission critical infrastructures from cyber threats.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities

The Datacenter Cyber Defense and Industrial Networking team is seeking a motivated, talented, and cyber security focused Senior Security Engineer to join our team! This role works collaboratively across a larger engineering team managing the structure, deliverables, timelines, and prioritization for designing, delivering, automating, securing, and providing operational support for critical industrial networking programs, services and projects in existing and future datacenters.

The cloud business is booming, which means datacenter activities and growth are booming! Our datacenters work 24 hours a day, 7 days a week, 365 days a year, so our programs and services must also be designed, built, and operated in such a way as to support that growth and execution model. You will work within the Cloud Operations and Innovation engineering teams as well as partner across external teams handling datacenter engineering, support teams, design and build teams, and key decision makers across the CO+I division.

Partnering closely with the peer engineering organizations your role will be to design and deploy security solutions and manage them in a true DevOps fashion. You will be required to possess deep technical skills in Security and drive projects with heavy reliance on key partnerships with global datacenter operations teams and functions at varying levels of the business, teams responsible for the design and delivery of datacenters, Azure network engineering and architecture teams, and all groups affiliated with Microsoft Datacenters (Business & Property groups).

The candidate must possess strong written and verbal communication skills with an ability to speak and present effectively to all levels of business and be willing to jump into any situation to help provide design, support and troubleshoot issues in a 24x7x365 engineering environment. A successful candidate should be able to execute the following responsibilities:

People Management

  • Manage a team of security analysts through a direct or matrixed environment to develop Cloud security strategy for IaaS, PaaS, and SaaS; oversee the design and implementation of cloud security continuous monitoring and identity solutions.

  • Work with the Cloud owners to understand Cloud vision and requirements. Be the subject matter expert for various teams to rely on vis-à-vis cloud security.

  • Directs team to address identified security gaps. Ensures team is properly resourced to accomplish goals. Coordinates with other teams to remediate control failures.

  • Drives teams to identify, recommend, and implement new automation to create greater efficiencies and effectiveness of security operations. Drives the lifecycle of specific automation and how it fits into the overall automation landscape. Accountable for measurable business impact of automation improvements. Propagates solutions across the organization to those who would benefit.

  • Escalates and drives resolution of potential gaps in security strategy for the organization. Responsible for guidance and adoption of all security policies for the team. Recommends changes to policies as appropriate. Drives refinement of security policy and standards.

  • Guides team to work with internal and external parties to deliver service levels to address classes of threats. Applies subject matter expertise and leads postmortem and root cause analyses for complex and/or large-scale live site issues to create repair items, specify tools and systems that support security incident management, and mitigate and resolve issues across organizations. Manages security incidents with multiple bridges and ensures Incident Management System(s) are implemented, executives and customers are updated during and after incidents, and that quality postmortem and root cause analysis processes are executed.

  • Provides guidance to teams on customer and partner experience expectations. Resolves issues when needed and supports efforts to improve customer and partner experience.

  • Directs team to use available and most appropriate analytical techniques to investigate key metrics and performance indicators to identify trends and patterns of security issues. Defines operational measures and metrics to analyze on recurring basis. Drives measurement strategy aligned to prioritized outcomes.

  • Guides team to research attempted or successful efforts to compromise systems security and aligns resources to pursue next steps. Manages stakeholder communication appropriately. Coordinates with partner teams as needed to secure data and chain of custody. Collaborates with other security teams to ensure comprehensiveness of analysis and response.

  • Guides team to develop prioritized detection capabilities. Manages internal stakeholder relationships appropriately to maintain awareness. Oversees team in detecting potential or actual intrusions. Ensures team is properly resourced to identify and mitigate intrusions. Drives improvements into first-party products. Leverages and contributes to others' work. Shares best practices and lessons learned across teams.

Qualifications

Qualifications:

  • 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), and information technology (IT) operations

  • OR Master's Degree in Statistics, Mathematics, Computer Science or related field.

  • 3+ years experience developing tools on, or hardening of, Azure platforms

  • Experience with software build, deployment and configuration technologies.

  • Experience working with cloud continuous monitoring or identity or any security solutions like Thycotic Secrets management servers.

Preferred or Additional Qualifications:

  • 2+ years people management or a proven track record of passion for people

  • 1+ year(s) leading a security function (e.g., Security Operations Center [SOC], threat and vulnerability management [TVM]).

  • 1+ year(s) leading multi-disciplinary team.

  • CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, PCCSE, PCNSE, PCSAE, CCNP Security, CCIE Security and/or Security+ certification.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form (https://careers.microsoft.com/us/en/accommodationrequest).

Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
