OA-Senior Security Product Manager

1 Day ago • 5-7 Years • Cyber Security • $117,200 PA - $229,200 PA

Job Summary

Job Description

The Senior Security Product Manager at Microsoft's AI Security team in Redmond, WA, will be responsible for proactively identifying and mitigating security risks in Microsoft's AI offerings. This involves collaborating with engineering teams, conducting threat modeling, performing security assessments on web and mobile applications, and cloud services. The role requires strong experience in the Security Development Lifecycle (SDL), application security standards (OWASP, ASVS, CWE), and security tools. Responsibilities include specifying security controls, driving a security culture, training engineering teams, and implementing security automation. The ideal candidate possesses a deep understanding of security best practices and a proven track record of successfully delivering complex projects.
Must have:
  • 5+ years experience in security development/engineering
  • 5+ years experience with SDL
  • Experience with security threat modeling
  • Strong collaboration and partnership skills
  • Experience in security assessments
Good to have:
  • Experience with Security compliance programs
  • Familiarity with web proxies (Burp, ZAP, Fiddler)
  • Coding skills (Java, Ruby, etc.)
  • Experience managing security compliance related engineering programs

Job Details

Overview

Our Application Security Team is currently hiring a Senior Security Product Manager in Redmond, WA.

 

Security is foundational to all product and service offerings from Microsoft. Microsoft’s Secure Futures Initiative is the number one priority for the company. We need an experienced security professional with a deep-rooted passion in identifying security issues before they impact millions of users. As part of the Microsoft AI Security team, you will collaborate with product engineering to innovate software design to defend against a continued and emerging security threat landscape. 

Application Security team, advises on critical security design elements, proactively identifying architectural vulnerabilities and collaborates on solutions and design modifications to improve the overall security posture of Microsoft AI (Artificial Intelligence) offerings.

This team partners with product engineering, penetration testers and security personnel,

Team members are subject matter experts and are a mentor to others on the security discipline. 

 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees, we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. 

 

Start your journey with Microsoft AI, Microsoft Edge, Microsoft Search and Bing, Microsoft News, Microsoft Maps and Microsoft Advertising today! 

Qualifications

Required/Minimum Qualifications:

  • Bachelor’s Degree AND 5+ years experience in product/service/project/program management or software development
    • OR equivalent experience
  • 5+ years experience in security development and engineering, security consulting, or application penetration testing. 
  • 5+ years of hands-on and strong experience with the Security Development Lifecycle (SDL). 

Additional or Preferred Qualifications 

  • Bachelor's Degree AND 7+ years experience in product/service/project/program management or software development
    • OR equivalent experience.
  • Experience with Security threat modeling for new features.  
  • Experience conducting security assessments on Web Applications, Mobile Applications, Cloud Services running on variety of operating systems including containers. 
  • Experience with application security standards such as OWASP(Open Web Application Security Project ASVS (Application Security Verification Standard)/Top 10, CWE (Common Weakness Enumeration) 25.  
  • Experience with common security libraries, security controls, and common security flaws.   
  • Outstanding collaboration and partnership skills, with proven ability to drive results across teams.  
  • Coding skills in one or more general purpose scripting languages.
  • Experience managing security compliance related engineering programs. 
  • Familiarity with web proxies such as Burp, OWASP ZAP (Zed Attack Proxy) or Fiddler.  
  • Development or scripting experience. Java, Ruby, Ruby on Rails, GraphQL, REST.  
  • Demonstrated experience in successfully designing, delivering, and iterating on complex projects with a diverse set of stakeholders

 

Product Management IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until September 8, 2024. 

 

 

 

#Search# #MAI# #Security# #ApplicationSecurity# #MAIFundamentals# //platformjobs

Responsibilities

  • Be the security contact for teams building new innovative services and technologies in the next version of Microsoft AI. 
  • Specify new security controls needed to reduce risks identified from security reviews and threat modelling exercises or from security incidents and specify these new controls as requirements to be added the organization’s SDL process. 
  • Proactively research new technologies, make technology recommendations. 
  • Drive and cultivate a positive culture of security across the engineering teams. Train product engineering to recognize bad patterns and innovate ways for developers to learn to identify security bad practice. 
  • Work with our security engineering team and product teams to identify, define and implement security controls and automation 
  • Leverage a broad and current understanding of security to envision new protections and baseline secure by design behavior 

Other

  • Embody our    

Similar Jobs

Google - Software Engineer III, Mobile (Android), YouTube

Google

San Bruno, California, United States (On-Site)
1 Week ago
Krafton  - IT Service Developer

Krafton

Seoul, South Korea (On-Site)
1 Month ago
Google - Software Engineer II, BigQuery, Catalog

Google

Kraków, Lesser Poland Voivodeship, Poland (On-Site)
1 Day ago
Canva - Staff Backend Engineer - Product Insights Enablement - Java

Canva

Sydney, New South Wales, Australia (Remote)
2 Months ago
Next Level Business Services - Sr. Java Developer

Next Level Business Services

Chicago, Illinois, United States (On-Site)
6 Months ago
Google - Technical Security Advisor, Cloud Security

Google

São Paulo, State Of São Paulo, Brazil (On-Site)
1 Day ago
PlayStation Global - Senior Application Security Engineer

PlayStation Global

United States (Remote)
2 Months ago
Normalyze - Customer Success Engineer - Data Security - Implementation - DSPM - Bangalore

Normalyze

Bengaluru, Karnataka, India (Remote)
6 Months ago
Netflix - Engineering Manager, Security Incident Response

Netflix

Poland (Remote)
1 Week ago
PhonePe - Product Security Engineer

PhonePe

Bengaluru, Karnataka, India (On-Site)
5 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

ByteDance - Backend Engineer (Machine Learning System) Intern - 2025 Start

ByteDance

Singapore (On-Site)
6 Months ago
ByteDance - Senior Site Reliability Architect - Security Engineering - San Jose

ByteDance

San Jose, California, United States (On-Site)
4 Months ago
SmileGate - Game Data Engineer [LOST ARK]

SmileGate

Seongnam-si, Gyeonggi-do, South Korea (On-Site)
3 Months ago
Google - Wearable Telemetry Tech Lead

Google

Bucharest, Bucharest, Romania (On-Site)
1 Week ago
Google - Software Engineer III, Full Stack, Corporate Engineering

Google

Hyderabad, Telangana, India (On-Site)
1 Day ago
GoMotive - Software Engineer, Backend

GoMotive

India (Remote)
1 Month ago
Google - Software Engineer II, Android Automotive

Google

Kraków, Lesser Poland Voivodeship, Poland (On-Site)
1 Week ago
Sony Interactive Entertainment - System Development Engineer (PlayStation Platform Game Content Authorship and Delivery System)

Sony Interactive Entertainment

Tokyo, Japan (On-Site)
3 Weeks ago
ARHS - Fullstack Developer

ARHS

Liège, Wallonia, Belgium (On-Site)
6 Months ago
Google - Virtual Machine Manager, Software Engineer II, Full Stack

Google

Warsaw, Masovian Voivodeship, Poland (On-Site)
1 Week ago

Get notifed when new similar jobs are uploaded

Jobs in Redmond, Washington, United States

Zoox - Senior Machine Learning Engineer - Collision Avoidance System

Zoox

Foster City, California, United States (Hybrid)
6 Months ago
Coursera - Compensation Manager, Global Rewards

Coursera

United States (Remote)
1 Month ago
Google - Software Engineer III, Full Stack, Google Ads

Google

Los Angeles, California, United States (On-Site)
5 Months ago
The Walt Disney Company - Sr Event Services Manager

The Walt Disney Company

Lake Buena Vista, Florida, United States (On-Site)
1 Day ago
Microsoft - Member of Technical Staff, AI Data

Microsoft

Mountain View, California, United States (On-Site)
1 Month ago
Google - Staff Research Scientist

Google

Goleta, California, United States (On-Site)
1 Week ago
Anavation - AnaVation General Consideration

Anavation

Chantilly, Virginia, United States (Hybrid)
6 Months ago
Zoox - Senior Software Engineer - High Performance Computing

Zoox

Foster City, California, United States (Hybrid)
6 Months ago
Google - Technical Program Manager III, Battery Engineering, Platforms and Devices

Google

Mountain View, California, United States (On-Site)
1 Week ago
Corsair - Director, D2C eCommerce

Corsair

Milpitas, California, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

PwC - IN-Senior Associate – D365 POS Technical-Ms Dynamics–Advisory_Bangalore

PwC

Bengaluru, Karnataka, India (On-Site)
6 Months ago
PwC - Security Operations Center and Incident Response Manager

PwC

Makati, Metro Manila, Philippines (On-Site)
7 Months ago
Google - Senior Validation Security Consultant

Google

Reston, Virginia, United States (On-Site)
1 Day ago
PwC - ETIC, Cybersecurity Cloud Security - Manager

PwC

Cairo, Cairo Governorate, Egypt (On-Site)
7 Months ago
Postman - Senior Security Engineer, Detection & Response

Postman

Bengaluru, Karnataka, India (On-Site)
6 Months ago
PwC - Manager / Senior Manager Cyber Technology and Transformation

PwC

Zürich, Zurich, Switzerland (On-Site)
7 Months ago
ByteDance - Security Operations Manager

ByteDance

Jakarta, Jakarta, Indonesia (On-Site)
2 Months ago
Google - Software Engineering Manager, Security Intelligence Platform

Google

San Francisco, California, United States (On-Site)
1 Week ago
Optiv - End Game - Sr. Engineer | Onsite, Bangalore

Optiv

Bengaluru, Karnataka, India (On-Site)
9 Months ago
Google - Security Manager, Google Data Centers

Google

Council Bluffs, Iowa, United States (On-Site)
1 Week ago

Get notifed when new similar jobs are uploaded

About The Company

Microsoft is a tech giant that develops, licenses, and supports a range of software products, services, and devices.

London, England, United Kingdom (On-Site)

Redmond, Washington, United States (On-Site)

Redmond, Washington, United States (Hybrid)

Shanghai, Shanghai, China (Hybrid)

Beijing, Beijing, China (On-Site)

Washington, United States (On-Site)

Phoenix, Arizona, United States (On-Site)

Penang, Malaysia (On-Site)

London, England, United Kingdom (On-Site)

View All Jobs

Get notified when new jobs are added by Microsoft

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug