Security Operations - Incident Commander

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Overview With the continued evolution of the external threat landscape, Microsoft continues to be a prime target for a variety of threat actors and experiences an increasing number of attempts to breach its defenses. In this role, you will lead our Operations Hub function within the Cyber Defense Operations team. As Security Operations - Incident Commander, you will be ensuring the function is coordinating incidents effectively, managing the coordination of incident response activities so they move at pace with clear milestones defined, tracked, and communicated accurately. Who we are: Operations Hub is the oversight and coordination center to optimize operational aspects related to enterprise-wide detection and response efforts, to enable greater visibility and coordination internally and externally, while driving and managing response efforts.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

Responsibilities:

• Incident Coordination and Communication capabilities across Microsoft’s Cyber Defense Operations.
• Ensure standards are met for governance to ensure streamlined, consistent processes to ensure the health and productivity of the Defense Operations ecosystem.
• Develop and implement standardized procedures for coordinating large-scale adversary cybersecurity.
• Collaborate with cross-functional teams to ensure that incident coordination and communication processes are scalable, efficient, and aligned with organizational goals.
• Drive process improvements, best practices, and automation opportunities to enhance the methods by which incidents are coordinated and related information is communicated across the organization.

Other 

• Embody our Culture and Values 

Qualifications

Required Qualifications:

• 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response

  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.

Other Requirements

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter. 

Preferred Qualifications: 

• 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
  • OR Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field.
• CISSP CISA CISM SANS GCIA GCIH OSCP Security+
• Dedicated understanding of the incident response lifecycle, including the processes and technologies that assist with incident response.
• Trusted and demonstrated ability to design and implement operational processes and standards.
• Proficient analytical skills with the ability to synthesize multiple and complex threads and provide actionable directions to staff.
• Sociable communication and collaboration skills to drive alignment across multiple teams and stakeholders and to keep executives informed and aware of important topics.
• Previous experience working in high scale, cloud architecture environments.

Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

 Microsoft will accept applications and processes offers for these roles on an ongoing basis.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#MSFTSecurity #AI #RAI #Safety #Security #MSECAIR #AEGIS #AIIR #CISO