Senior Cybersecurity Program Manager

As the demand for compute power and hyperscale cloud solutions escalates, Microsoft's Cloud Operations + Innovation (CO+I) is at the vanguard of building and securing this rapidly growing infrastructure. You will work alongside experts in cybersecurity, threat management, and service delivery to ensure datacenter critical infrastructure is safe from potential operational and cybersecurity threats. 

As a Senior Cybersecurity Program Manager responsible for Threat Detection, you will partner with engineering teams to identify and leverage telemetry from multiple systems to detect behaviors that could adversely affect life safety or datacenter operations. You will deepen your understanding of security management, develop expertise in data-driven threat and vulnerability analysis, and fine-tune your analytic skills. You will have the unique opportunity to contribute to the advancement of Microsoft's threat analysis program specific to monitoring systems that support physical security, electrical, and building management processes. Flexibility in work location is available.  

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

*This role is located either in one or all hub locations - Atlanta, GA, Washington, D.C., Redmond, WA, San Antonio, TX or Phoenix, AZ.
*Relocation support will be provided, and successful candidates must relocate or reside within 50 miles of the hub office location.
*This role is eligible for hybrid or remote work, up to 100%.

Required Qualifications:

• Bachelor's Degree AND 4+ years experience in engineering, product/technical program management, data analysis, or product development
  • OR equivalent experience.
• 2+ years of experience with Microsoft's Azure Sentinel or equivalent security information and event management (SIEM), Power BI for data visualization and reporting, and tools such as Azure Data Explorer and Kusto Query Language (KQL) for data querying.
• 2+ years of experience with case management tools or open-source intelligence (OSINT) tools. 
• 2+ years of experience managing cross-functional and/or cross-team projects.

Other Requirements: 

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: 

• Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

 Additional or preferred qualifications:

• 1+ year(s) of experience reading and/or writing code (e.g., sample documentation, product demos).

• 6+ years of experience managing cross-functional and/or cross-team projects. Bachelor's Degree AND 8+ years experience in engineering, product/technical program management, data analysis, or product development OR equivalent experience. 

• Experience leveraging and applying NIST Cybersecurity Framework or MITRE ATT&CK for Industrial Control Systems or operational technology (ICS). 

• Experience working with intelligence teams.

Technical Program Management IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until January 19, 2025.

#COICareers | #EPCCareers | #DCDCareers

• You will gather, analyze, and evaluate information to identify, categorize, and characterize existing and potential threats to datacenter critical infrastructure. 
• You will monitor the development of current, emerging, and evolving threats that may impact datacenter operations.  
• You will identify assets or operations with vulnerabilities that can be exploited by threats. You will evaluate threat actor activities, synthesize key intelligence, and help inform stakeholders through comprehensive awareness initiatives. 
• You will leverage your understanding of the security landscape to identify data requirements for threat and vulnerability analysis. Collaborating with engineering teams and other stakeholders, you will develop data-driven insights and recommendations to enhance datacenter critical infrastructure cyber defense.  
• You will act as the expert for sourcing high-quality data and building resilient data pipelines. You will support threat and vulnerability analysis by guiding the data analysis process and contributing to informed security decisions. 
• You will partner with engineering teams to build systems for data reception, analysis, and alerting ensuring the program can fully leverage available data and deliver valuable insights.
• You will identify data collection and analysis opportunities, generating awareness of threats and vulnerabilities, and prioritizing tasks to meet organizational needs. 
• You will identity and implement Objectives and Key Results with Key Performance Indicators to define and measure program targets, progress, and effectiveness. 
• You will develop and apply a solid understanding of threats and counterintelligence including knowledge of advanced threat actor profiles, tactics, and procedures. You will analyze threat groups and utilize open-source information to enhance threat and vulnerability assessments.  
• You will assist in developing public, private, and supplier security partnerships. You will contribute to collaborative efforts with stakeholders, industry partners, and government to support security capabilities and extend threat and vulnerability awareness initiatives into the supply chain. You will ensure datacenter suppliers are aware of threats and advocate for the integration of our security initiatives across the supply chain.  
• You will work with case management software and open-source intelligence (OSINT) collection tools to support investigations and threat assessments. You will leverage these tools to collect, analyze, and manage data, ensuring comprehensive and accurate threat analysis.