Senior Security Engineering Lead

Halo Studios is building the future of the blockbuster Halo series of video games with Unreal Engine. As part of Xbox Game Studios, the Halo franchise encompasses games, novels, comics, licensed collectibles, apparel, and more with a shared vision of heroism, mystery, and wonder. With multiple projects in development, join our team as we forge the next generation of games and experiences in our award-winning sci-fi universe

We are seeking a highly skilled and experienced Senior Security Engineering Lead to join our studio. In this pivotal role, you will be at the heart of securing the research and development efforts that drive innovation in the Halo universe. From fortifying the tools and systems that empower our developers to ensuring the integrity of our game creation pipelines, your contributions will directly influence the future of one of the most beloved franchises in gaming. 

You’ll work closely with security analysts, developers, production and engineering across the studio ensuring robust security solutions across our R&D infrastructure. This is your chance to shape the security landscape behind the scenes, solving complex problems in a fast-paced, dynamic environment. If you’re passionate about innovation, thrive on new problems, and are eager to make an impact on the next generation of Halo experiences, we want you on our team.  If you are eager to play a critical role in securing the next chapter in the Halo’s franchise this is the role for you. 

As the Sr Security Engineering Lead, you will lead a small team of security analysts and engineers of Full-Time Employees (FTEs) and Contingent Staff Group (CSG) members. In addition to working with key stakeholders and leadership within the sStudio you will also collaborate closely with Gaming Security, Microsoft Security, and various partners to ensure ongoing alignment, manage engineering dependencies, and build robust security solutions. Your responsibilities will include envisioning and architecting security solutions, developing a strategic agenda across the organization, and ensuring alignment and accountability.

The successful candidate will have passion for security, good collaboration skills, technical depth, coupled with the ability to bring others together in developing common solutions.  Effective communication skills and the ability to thrive in an ambiguous and dynamic environment are necessary. Successful candidates will represent the growth mindset and display Microsoft cultural values in day-to-day activities.  In addition they will have experience and proficiency in Identity & Access Management (IAM), Incident Response & Threat Detection, Endpoint Security & Protection, Governance, Risk, and Compliance (GRC), Security Partnerships & Liaison, Automation & Application Security, and Azure Security & Cloud Engineering.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.  

Responsibilities

Responsibilities 

• Engage with the Leadership team, presenting security proposals and initiatives that require executive sign-off. Effectively translate complex technical issues into understandable terms for creative and non-technical stakeholders. 
• Serve as the Product Owner for the security team, working closely with Production and the scrum team to plan, prioritize, and execute sprints, ensuring alignment between security objectives and broader studio goals. 
• Envision and architect high-quality distributed services, infrastructures, and components to enable security for our Gaming businesses 
• Partner with Microsoft Gaming, Microsoft Security, and partners to ensure ongoing alignment, engineering dependencies, and build solutions  
• Lead through model, coach, care, a team of security professionals. 
• Drive proactive security measures across cloud, onsite and partner environments.   
• Development of detailed roadmaps to coordinate the efforts of the engineering teams  
• Effectively collaborate across large organizations and multi-disciplinary teams  
• Maintain in-depth knowledge of technologies, architectures, and emerging technologies, and how these can apply to our product, business, service, and technology stack.   
• Design process and Operational Improvement opportunities across Security Compliance Programs.   
• Provide strategic Cloud Security Architecture guidance to studios and business teams    

Qualifications

Required/minimum qualifications 

• 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), and information technology (IT) operations

      o OR Master's Degree in Statistics, Mathematics, Computer Science or related field.
• 3+ years of experience managing and leading multi-disciplinary teams. 
• 3+ years leading a security function (e.g., Security Operations Center [SOC], threat and vulnerability management [TVM]). 
• 5+ years of experience in operational security, with at least 3+ years in a senior or architectural role. 

Preferred qualifications 

• Relevant security certifications, such as CISSP, CISA, CISM, SANS, OSCP, or cloud security certifications (e.g., Microsoft Azure Security Engineer, AWS Certified Security Specialty). 
• 4+ years in a technical role within a AAA Game Studio. 
• 1+ year(s) experience reading and/or writing code for automation. 
• 3+ years of experience with AWS, GCP, or Azure. 
• Technical skills in areas such as network security, cryptography, identity management, threat modeling, application security, and risk management. 
• Written and verbal communication skills with the ability to engage with teams across all levels and functions globally. 
• Customer-first, business-savvy, and holds a growth mindset to uphold our culture and values. 
• Experience with designing Cloud security guardrails and controls. 
• Experience with industry compliance, security, and regulatory standards such as ISO 27001, NIST 800-53 Rev. 
• Expertise in securing directory services such as Active Directory, Okta, and Entra ID. 
• Experience with CIS benchmarks and other industry security standards. 

Security Operations Engineering M4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until November 1, 2024. 

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#gamingjobs #halo