The mission of Microsoft Digital Security & Resilience (DSR) is to enable Microsoft to build the most trusted devices and services, while keeping our company safe and our data protected. As part of the Microsoft Security organization, and a steward of Microsoft and our customer’s data, a core function of Microsoft DSR is ensuring the security of every aspect of the business. Microsoft DSR is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. As customer zero, we deploy and secure these services inside Microsoft and then share best practices with enterprise customers at scale across the globe.
This is your opportunity to be a leader in protecting the end-to-end developer ecosystems that enable our businesses while protecting the enterprise from current and future threats.
Digital Security and Resilience (DSR) is looking for a Senior Technical Program Manager to improve and expand the security of our software development and deployment platforms through the definition and implementation of security controls leveraging Microsoft security products and custom tooling. As part of a high impact security team, you will be empowered to lead and work across Microsoft’s organizations to raise the bar for protecting the Microsoft software development ecosystem.
As a Senior Technical Program Manager, you will leverage your technical expertise to lead efforts that bring alignment to standards, processes, and technologies used to secure the various software development platforms and tools used in the enterprise. You will identify systemic areas of opportunity, define plans to close gaps, and gain buy-in from teams across Microsoft to execute the plans. You will identify and push for automation and drive towards secure by default environments. Along the way, you will be a trusted voice who shares your knowledge and expertise. Responsibilities
- Provide technical expertise and be a key contributor for developing and implementing a comprehensive roadmap for augmenting the security of Microsoft software development and deployment platforms, tools, and processes.
- Stay abreast of the industry trends and latest security threats to the software developments end-to-end ecosystem including knowledge of competitor products, current attacks, adversary tracking, and academic literature.
- Partner cross-functionally (e.g., across disciplines) to design solutions to prevent attacks, define security controls and associated remediation steps.
- Research, improve, design, optimize and drive implementation of built-in enforcement capabilities, thereby automating secure development operations and related automation tooling and processes.
- Identify and support driving closure of critical security gaps for Microsoft’s end-to-end software developer ecosystem.
- Serve as Azure Dev Ops (ADO) and GitHub security and secure operations point of contact within Microsoft.
- Participate in detailed design, code reviews, bug/issue triage with engineering teams as necessary, and support well informed security decisions in harmony with business and engineering goals.
- Bachelor's Degree AND 4+ years experience in engineering, product/technical program management, data analysis, or product development
- OR equivalent experience.
- 2+ years experience managing cross-functional and/or cross-team projects.
- 4+ years of general cybersecurity experience.
- 1+ year of cloud infrastructure and security operations including experience with configuration and security tooling and operations at scale
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
- 2+ years of experience producing concise and quality technical documentation.
- 5+ years of experience in Technical Program Management, DevOps engineering, DevOps Security, software engineering, or similar role.
- 3+ years program management experience in a software development organization or cloud based organization
- 3+ years hands-on experience in software design, coding, and implementation of secure and reliable cloud-based services
- 3+ years of hands-on experience in Azure DevOps (ADO), GitHub, or equivalent platforms, ideally with focus on secure configuration and operations in the cloud.
Technical Program Management IC4 - The typical base pay range for this role across the U.S. is USD $112,000 - $218,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $145,800 - $238,600 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
#Cloud #ADO #GitHub
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.