The Security, Compliance, Identity & Management (SCIM) team accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments. We have exciting opportunities for you to innovate, influence, transform, inspire, and grow within our organization and we encourage you to apply to learn more! 

The Digital Security + Resilience team in SCIM is looking Security Assurance Professionals to play a key role within the organization to drive the strategy and execution of building and operating the services to secure the enterprise. The ACE team is the security assurance & advisory arm of Microsoft’s Enterprise security organization. Our team is a dynamic organization chartered with providing Security Automation, Line of Business, Supply Chain and Infrastructure Security assurance as well as advisory services to help effectively identify and mitigate security risks inside the enterprise.

The successful candidate for this role will work across teams, service lines and execute on our ACE strategy to provide end to end security assurance services for Microsoft. This individual will be required to dig into new and emerging technology areas and define not only the security controls and workflows that must be implemented when deploying those products and services, but also in defining the strategy for how our team of assurance analysts will deliver assessments for applications or teams building on these new and emerging technologies. The Microsoft enterprise has modernized its engineering practices and continue to push the envelope for faster innovation by leveraging DevOps, CI/CD, automation, and agile approaches. This role will drive thought leadership to align security processes to this modern engineering ecosystem and drive continuous assurance and controls into the engineering and operations processes.

This role will have a lot of exposure to senior roles inside the company and requires a very high level of Organizational Agility, Executive Engagement, Leadership without authority and dealing with ambiguity as well as a good degree of EQ and empathy.

Responsibilities

Responsibilities:

• Provide security subject matter expertise and conduct security reviews.
• Lead & execute on a strategy that focuses on effective and efficient security processes to mitigate risk for Microsoft’s enterprise.
• Ensure the controls, platforms and tools which support the assurance processes are aligned to the latest security trends and engineering models.
• Work with other security assurance and security tooling teams across Microsoft to ensure a One Microsoft approach wherever possible for at-scale security assurance.
• Collaborate effectively with other engineering and pen-test teams.

Basic requirements:

• 5+ years of experience working as a information security professional, technical program management or similar engineering role.
• 3+ years’ experience of Infrastructure Assessment, application security experience or similar experience

Preferred requirements:

• Prior experience in application security and/or security assessment programs.
  Experience with cloud security assessment or cloud application development using Azure or another major cloud provider.
• Bachelor’s or Master’s degree in Computer Science, Information Technology, or Cybersecurity or relevant industry certifications.
• Excellent written, verbal and presentation skills.
• Highly motivated and collaborative.
• Strong judgment, decision making skills, and the ability to thrive in fast-paced and ambiguous situations.
• Strong desire to innovate, grow, and learn as the industry continually evolves.
• Experience with of one or more of the following: threat modelling, identity management, web application development, DevSecOps.

Qualifications

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. 

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.