Senior Program Manager in ACE (DSRE)
Core Services Engineering builds and manages the critical products and services that Microsoft runs on. We boldly pursue big ideas that power transformational advances at Microsoft and for our customers, while helping Microsoft teams work smarter, faster and more securely every day. Core Services Engineering employees have deep technical and business expertise, customer insights, and a clear point of view that comes from first-hand, large-scale experience with Microsoft and industry solutions. We are engineers, technology leaders and experts, digital transformation change agents, and customer advocates. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!
Do you have a passion for security and get excited about impacting some of the largest and most complex security challenges Microsoft faces in the enterprise today including cloud and mobile? If the answer is yes, you may be a candidate to join the ACE Team inside the Digital Security Risk and Engineering (DSRE) Organization.
The ACE team is the security assurance & advisory arm of Microsoft's Enterprise security organization. Our team is a dynamic organization chartered with providing Line of Business, Supply Chain and Venture Integration Security assurance as well as advisory services to help effectively identify and mitigate security risks inside the enterprise. We are a high energy, highly collaborative team with a very healthy organization (top WHI scores) and we are deeply committed to have a dramatic impact as a team.
The successful candidate for this role will work across teams, service lines and execute on our ACE strategy to provide end to end security assurance services for Microsoft. This individual will be required to dig into new and emerging technology areas and define not only the security controls and baselines that must be implemented when deploying those products and services, but also in defining the strategy for how our team of assurance analysts will deliver assessments for applications or teams building on these new and emerging technologies. The Microsoft enterprise has modernized its engineering practices and continue to push the envelope for faster innovation by leveraging DevOps, CI/CD, automation and agile approaches. This role will drive thought leadership to align security processes to this modern engineering ecosystem and drive continuous assurance and controls into the engineering and operations processes.
This role will have a lot of exposure to senior roles inside the company and requires a very high level of Organizational Agility, Executive Engagement, Leadership without authority and dealing with ambiguity as well as a good degree of EQ and empathy.Responsibilities:
- Develop & execute on a strategy that focuses on effective and efficient security processes to mitigate risk for Microsoft's enterprise.
- Ensure the controls, platforms and tools which support the assurance processes are aligned to the latest security trends and engineering models.
- Work with Microsoft internal leaders to advocate security & risk management into their businesses.
- Identify and reduce risk through performing technical assessments and remediation activities within agreed service level agreements.
- Must be able to work autonomously as well as in team environments, often in stressful, high impact situations
- Must be familiar with Microsoft and 3rd party PaaS and SaaS technologies
- Must be familiar with industry best practices, certifications, and standards around secure development, security assurance, and supply chain risk management.
- 5+ years of experience in program management.
- 7+ years of experience working in information security.
- Working knowledge information security and risk management processes and controls including security operations, security architecture, security assessments, security engineering, risk management and compliance.
- Outstanding collaboration skills and team player. Enjoy helping your peers to be great.
- Manage ambiguity, with an ability to drive clarity to the team.A growth Mindset is critical as we are looking for new ways to engage and scale our programs.
- Extensive Cybersecurity experience.
- Highly motivated to have a long lasting impact.
- Ability to see the big picture.
- Experience managing matrixed organizations.
- Excellent written, verbal and presentation skills.
- Ability to negotiate with senior talent across the company.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.