Sr. Security Services Eng. Manager

Job Description

The mission of Microsoft Digital is to power, protect, and transform Microsoft as the voice of our digital transition in the market. As part of Microsoft s Cloud + AI Group, we are responsible for building, managing, and securing the platform, products, processes, and services that powers Microsoft. We build, maintain, and implement a cloud-first approach to our technology and experiences, from custom-built business solutions developing our campus of the future and our productivity and collaboration experiences like Teams and SharePoint, to horizontal 3rd party solutions like SAP and Adobe. As a steward of Microsoft and our customer s data, a core function of Microsoft Digital is ensuring the security of every aspect of the business. Microsoft Digital is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. Microsoft Digital s charter is also to influence and work alongside engineers across the company and with strategic partners to build and grow their cloud products and services. As customer zero, we deploy these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!Microsoft is seeking an experienced Incident Response Manager to join the Digital Security & Resilience (DSR) Team. As part of this highly collaborative and dynamic organization, you will have the opportunity to lead and work with top talent, some of the newest technologies, and influence security best practices at Microsoft.In the role of Incident Response Manager, you will lead a security response team in partnership with other security, incident, and crisis teams across the enterprise. This work requires real-time problem solving, technical curiosity, excellent judgment, and communications skills. You will perform technical analysis, document findings, and recommendations, develop playbooks, provide timelines, and deliver updates and other communications to a wide range of stakeholders and executives on ongoing incidents.You will also be responsible for attracting and retaining industry-leading talent, developing long-term workforce plans, and driving continuous improvements into the IR program.#DSR

• Provide leadership to incident response personnel. Serve as a mentor, coach, and facilitator to develop an industry-leading cybersecurity team.
• Coordinate response activities across teams or directly with stakeholders to identify and remediate potential threats. Oversee response and stakeholder activity during incident response.
• Communicate status, results, and summaries of security incidents to executive leaders.
• Create clarity and generate energy within the team; deliver success for DSR.
• Build and maintain positive relationships with partner teams, creating opportunities to contribute to the success of others or leverage their efforts to achieve internal goals.
• Lead SOC Operation, foster innovation, and drive accountability within SOC Operations.
• Be a thought leader in security engineering and operations delivery - driving automation, analytics, and advanced threat analysis.
• Oversee technical delivery, assessing and continually improving output and ensuring processes are developed and adhered to drive operational excellence.
• Good Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
• Excellent communication and leadership skills
• Collaborate and consult with PG groups on the overall advancement of the First party Security products by providing actionable feedback to improve the products.
• Collaborate and consult with other groups on the overall advancement of the Emerging Services organization in general.
• Establish operational foundations, defining metrics, KPIs and OKR s to drive governance, quality, and efficiency. Influence and improve existing processes through innovation and operational change.
• Develop and mentor staff through open communication, training and development opportunities, and performance management processes; build and maintain employee morale and motivation.
• Other duties as assigned.

,

• 5+ years in incident response or similar information security operations role.
• 5+ years of demonstrated experience in computer security-related disciplines, including but not limited to the following subject areas: software vulnerabilities and exploitation, host forensics, malware analysis, network traffic analysis, Insider Threat, and web-focused security topics.
• Minimum 5 years Security leadership, with experience building long-term career development plans for team members at all levels.
• Exceptional operational rigor with extensive real-world experience SOC operations.
• 3+ years of experience with Advanced Persistent Threat (APT), Spear Phishing, and credential compromise techniques.
• Bachelor s Degree in Information Technology, Information Security/Assurance, Engineering, or similar area of study;
• Demonstrated understanding of Information Security and Networking required.
• Ability to lead and contribute to technical discussion and troubleshooting as required.
• Proven ability to make decisions and perform complex problem-solving activities under pressure.
• Preferred - Knowledge of a cloud computing environment such as Microsoft Azure would be an advantage.
• CISSP or related GIAC certifications

The ideal candidate will have experience in a highly collaborative team environment, Security Operations Center or equivalent experience in enterprise-scale services and platforms, technical depth in a highly dynamic, complex environment. Having strong attention to detail, excellent communication and organization skills will be essential to success in this role.Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

Keyskills :
malware analysisequipment supplytechnical analysisproblem solvingnetwork traffic analysisdigital securitytraffic analysisrisk managementsecurity operations centercloud computingmicrosoft azure