Principal AI Product Manager

Overview 

Artificial Intelligence (AI) has the potential to change the world around us.  At Microsoft, we are committed to the advancement of .  We are looking for a Principal AI Product Manager to join a small incubation team to accelerate Microsoft’s capabilities for detecting and responding to AI incidents.  You will work closely with product engineering teams and centralized function teams to educate and prepare them for responding when issues occur. 

This role works broadly across Microsoft on all levels of the AI stack and the teams supporting this important transformation.  This is part incident responder, part security product manager, and always an advocate for customers and the company.  Are you passionate about the safety and security of AI and how that intersects with our lives?  This may be a great opportunity for you!  

Who we are: 

We are the Artificial Generative Intelligence Security (AeGIS) team, and we are charged with ensuring justified confidence in the safety of Microsoft’s generative AI products.  This encompasses providing an infrastructure for AI safety; serving as a coordination point for all things AI incident response; researching the quickly evolving threat landscape; red teaming AI systems for failures; and empowering Microsoft with this knowledge.  We partner closely with product engineering teams to mitigate and address the full range of threats that face AI services – from traditional security risks to novel security threats like indirect prompt injection and entirely AI-native threats like the manufacture of NCII or Customer Success Account Manager (CSAM) or the use of AI to run automated scams.  We are a mission-driven team intent on delivering trustworthy AI and response processes when it does not live up to those standards. 

We are always learning.  Insatiably curious.  We lean into uncertainty, take risks, and learn quickly from our mistakes.  We build on each other’s ideas, because we are better together.  We are motivated every day to empower others to do and achieve more through our technology and innovation.  Together we make a difference for all of our customers, from end users to Fortune 50 enterprises. 

Our team has people from a wide variety of backgrounds, previous work histories, and life experiences, and we are eager to maintain and grow that diversity.  Our diversity of backgrounds and experiences enables us to create innovative solutions for our customers.  Our culture is collaborative and customer focused. 

What we do: 

The AI Incident Detection & Response team is a small team of subject matter experts that has been brought together to accelerate and support Microsoft’s AI services.  AI has the potential to transform our daily interaction with technology.  Our team keeps the outcome focused on justified trust in Microsoft’s AI services.  We are passionate about ensuring that the transformational opportunities outweigh the possible harms.  When harm occurs, we address them in a timely manner.  We work to improve and create a more resilient system that enables defenders to protect their AI uses and services.  Our team tightly partners throughout Microsoft so that we learn from experience and work to prevent harms before they happen. 

How you can help: 

We are searching for seasoned security product manager who is interested in expanding their skills and expertise into the AI realm.  The ideal candidate will flourish in upskilling others and understanding threats and their impacts.  Your experience in crisis management will help guide and inform teams building the services to prepare what may lie ahead for them.  Your passion for customer experience, organization and delivery skills of program management, a keen eye to spot patterns, and a concise communication style will aid you greatly in this role.  Listening, understanding, and talking are all part of this role. 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Required/Minimum Qualifications

• Bachelor’s Degree AND 8+ years experience in product/service/project/program management or software development
• OR equivalent experience.
• 5+ years of experience leading operational functions (e.g. incident response, security research, or threat intelligence) in any security or Internet safety discipline
• Previous record of accomplishment of delivering results despite ambiguity, attention to detail, and the ability to collaborate across a large organization, influencing many functions and teams

Other Requirements 

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.  

Additional or Preferred Qualifications

• Bachelor's Degree AND 10+ years experience in product/service/project/program management or software development
• OR equivalent experience.

• Previous project management skills and experience that includes managing many unique, diverse projects simultaneously and making priority/scheduling trade offs between them

• Knowledge of adversary capabilities, infrastructure, and techniques as well as an understanding of operating system functionality that can be applied to define, develop, and implement the techniques that discover and track the adversaries and threats of today and tomorrow

• Experience in interpersonal awareness

• Communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios

• Ability learn, grow, and drive change

• Knowledge of threat intelligence, incident response methodology, and attacker tradecraft

• Understanding of Microsoft organizations, technologies and products, especially as they relate to security, will ensure a quick start

•  

Product Management IC5 - The typical base pay range for this role across the U.S. is USD $137,600 - $267,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $180,400 - $294,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until January 12, 2025

#MSFTSecurity #MSECAIR #AI #RAI #Safety #Security #AEGIS #AIIR

• Helps others understand triage, analysis, and prioritization of cyber forensics involving AI services.
• Contribute to the upskilling of partner teams across company to create timely and repeatable response processes.
• Conduct table top exercises with partners to prepare them for response activities. Based on those exercises work with teams to close gaps in knowledge and process.
• Conduct threat modeling exercises with partners based on past incidents.
• Drive open source intelligence review, work with engineering teams to address issues identified, and prepare the field with appropriate knowledge.
• Advocate for policies and procedures (or changes thereof) that ensure that customers can have justified trust in Microsoft’s AI services.
• Collaborates with internal and external parties to ensure service level agreement (SLAs) are reached when addressing threats. Supports development of requirements for solutions; defines new requirements and feature sets.
• Contributes to security policy and standards; maintains accurate and comprehensive security policy and standards; designs mitigation strategies to addresses identified gaps in policy. Educates others (e.g., business partners, peers, industry) on security policy. Recognizes patterns and trends and recommends solutions for improvement. Recommends refinement of security policy and standards.

Other

• Embody our  and