Overview:

Are you looking for a challenge that puts you at the center of the Microsoft Specialized Clouds strategy? Are you passionate about solving the security challenges of critical online services? Are you passionate about Penetration Testing and Purple Teaming?

Microsoft Specialized Clouds Security Fundamentals team is responsible for securing some of Microsoft's largest and most influential online services in the Azure Edge & Platform (AEP) organization and Windows Devices organization (W+D). Services Pentest (SERPENT) team needs a Security Operations Engineer to increase our business partners' security posture.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability.

• ResponsibilitiesSERPENT is a world-class penetration testing team securing millions of users globally by focusing on both offensive and defensive aspects of security posture to continuously improve resilience and trust.
• Data-Driven Analysis
• Maintains strategic focus on analytical efforts of teams; ensures consistent access to resources needed for state-of-the-science metrics and key performance indicators (KPIs) needed to identify and mitigate security issues. Partners with teams to meet required objective and key results (OKRs).
• Red/Purple Team Operations
• Sets direction for team in developing and prioritizing recommendations to improve security posture through scaled tactical tools. Collaborates and influences across teams as needed.
• Automation
• Drives team outcomes in identifying, recommending, developing, and implementing automation to improve efficiency and effectiveness of security operations. Drives the lifecycle of specific automation and how it fits into the overall automation landscape. Accountable for measurable business impact of automation improvements. Drives strategic alignment between products and technology; mitigates product deficiencies by driving requirements into products. Cascades strategic vision throughout teams appropriately (e.g., open source, products, technology).
• Collaboration
• Is accountable for decisions regarding supplier portfolio and service levels needed to support security strategy and threat mitigation. Collaborates with internal and external parties to improve the security posture of mutual customers.
• Customer/Partner Experience
• Maintains strategic perspective on customer and partner experience; elevates trends and mitigation strategies with leadership as appropriate. Secures resources to make necessary improvements to enhance customer and partner experience. Educates, guides, and aligns to reduce risk in the security space for organizations.
• Monitoring and Detection
• Influences decisions regarding resource allocation to detection priorities. Establishes strategic direction and focus on intrusion direction; partners with stakeholders to ensure prompt and thorough mitigation of identified issues. Drives partnership with engineering teams to align priorities related to detection in publicly released products and services.
• Security Incident Response
• Maintains teams' focus on researching attempted or successful efforts to compromise systems security, including seeing through to resolution and aligning partnerships as needed. Ensures teams have comprehensive response plans and resources needed to prevent recurrence. Drives highest severity incidents that have companywide impact. Displays strong command and control presence to lead through extremely ambiguous challenging situations quickly and calmly. Ensures learnings from incidents get integrated into protective systems and processes.
• Translate Security Policy and Standards into Effective Controls
• Sets security policy and standards strategy and ensures resources are dedicated to develop and implement security policy accordingly. Drives mitigation of security strategy gaps for the organization and trends in the industry. Defines security policies that align with Microsoft strategy and support achieving global security compliance and risk mitigation.
• Identification and Detection of Control Failures
• Establishes accountabilities for teams and leaders to execute security controls and countermeasures needed to uphold security standards. Contributes to industry thought leadership to ensure Microsoft is best-in-class; aligns with strategic vision. Provides strategic guidance to teams and stakeholders regarding managing security gaps.
• Threat Intelligence and Analysis
  Elevates work of team to effectively prioritize threat analysis efforts and partners appropriately on identified threat patterns. Guides teams and secures resources and partnerships as needed to address threats. Integrates available threat insights to drive overall security strategy.

Qualifications:

Required Qualifications:- Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident responseOR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response

• OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
• OR equivalent experience.

Preferred Qualifications:

• 9+ years' experience in identifying security controls/detection, security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
• 3+ years people management
• 10+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
• CISSP, OSCP, GCIA, or SANS certifications is a plus.

Security Operations Engineering IC5 - The typical base pay range for this role across the U.S. is USD $139,900 - $274,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000 - $304,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.