Principal Technical Security Program Manager

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions.

The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity.

Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions.

Does protecting over 1 billion customers and making the cyber world a better place sound exciting? Do you have what it takes to be part of one of the world's most crucial security monitoring and detection teams? Do you want to innovate and improve how Microsoft transforms learnings from Intel & incidents into actionable detection and automated processes? This may be an opportunity for you.

The security team seeks a motivated, experienced Principal Technical Security Program Manager to join our team. We are looking for someone who can dig into hard engineering problems to improve the core fundamentals of our systems, add critical and exciting new features, revolutionize how our engineers work day-to-day, and try new things like bringing the power of machine learning and statistical analysis at scale to solve these and other problems.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

• Investigate, analyze, and expand upon security research and real incidents to develop durable detection strategies across the entire kill-chain
• Collaborate with multiple product teams to design sensors, implement detection ideas, and validate their effectiveness using a data-driven approach
• Collaborate with data science teams to understand and identify detection gaps, capabilities, assumptions, and improvements
• Be involved in customer conversations in order to identify opportunities, gaps and concerns
• Responsible for the technical design and vision for building the necessary underlying systems to enable query-ability on the massively large, connected graph cloud inventory to serve billions of resources per day to the callers.
• Work directly on security reviews, formidable & complex automation and remediation workflows across multiple antipatterns.
• Engineer mitigations for subcategories of Root-Cause Analysis (RCA) and antipatterns that we observe based on trends.
• Delivers shift-left mitigations that are designed to eliminate/prevent subcategories of Root-Cause Analysis and antipatterns.
• Identify patterns of failure and Root-Cause Analysis through Machine Learning / ArtificiaI Intelligence prediction for components
• Understand the most important subcategories of Root-Cause Analysis and antipatterns observed through ongoing trend analysis.
• Identifying the “top” Root-Cause Analysis and antipattern categories based on trends.
• Identifying representative subcategories for Root-Cause Analysis and antipatterns for which mitigation Research & Development should be pursued.
• Measuring the impact of mitigations that have been implemented in terms of trend data.
• Analyzing Root-Cause Analysis and antipattern trends that are being observed from incidents, red team ops, and internal/external vulnerability reports.
• Collaborate with other researchers, coordinators, and developers to improve the protection capabilities of the products research, design, and develop shift-left mitigations for subcategories of Root-Cause Analysis and antipatterns, such as in the form of static analysis rules, dynamic analysis rules, platform changes, and so on.