Senior Security Product Manager

1 Month ago • 5-7 Years • Cyber Security • $117,200 PA - $250,200 PA

Job Summary

Job Description

Microsoft's Application Security Team seeks a Senior Security Product Manager in Redmond, WA. This role requires a deep understanding of security development and the Security Development Lifecycle (SDL). Responsibilities include acting as the security contact for new AI services, specifying security controls, conducting threat modeling, proactively researching new technologies, driving a security culture within engineering teams, training developers, and working with security engineering and product teams to implement security controls and automation. The ideal candidate will have a strong background in application security, threat modeling, security assessments, and collaboration. Experience with OWASP, CWE, and common security libraries is crucial. This is a full-time position.
Must have:
  • 5+ years experience in security development/engineering
  • Strong experience with SDL
  • Security threat modeling experience
  • Experience with security assessments
  • Knowledge of OWASP, CWE
  • Excellent collaboration skills
Good to have:
  • Experience with security compliance programs
  • Familiarity with web proxies (Burp, ZAP, Fiddler)
  • Coding skills (Java, Ruby, etc.)
  • Experience managing complex projects

Job Details

Overview

Our Application Security Team is currently hiring a Senior Security Product Manager in Redmond, WA.

 

Security is foundational to all product and service offerings from Microsoft. Microsoft’s Secure Futures Initiative is the number one priority for the company. We need an experienced security professional with a deep-rooted passion in identifying security issues before they impact millions of users. As part of the Microsoft AI Security team, you will collaborate with product engineering to innovate software design to defend against a continued and emerging security threat landscape. 

Application Security team, advises on critical security design elements, proactively identifying architectural vulnerabilities and collaborates on solutions and design modifications to improve the overall security posture of Microsoft AI (Artificial Intelligence) offerings.

This team partners with product engineering, penetration testers and security personnel,

Team members are subject matter experts and are a mentor to others on the security discipline. 

 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees, we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. 

 

Start your journey with Microsoft AI, Microsoft Edge, Microsoft Search and Bing, Microsoft News, Microsoft Maps and Microsoft Advertising today! 

Qualifications

Required/Minimum Qualifications:

  • Bachelor’s Degree AND 5+ years experience in product/service/project/program management or software development
    • OR equivalent experience
  • 5+ years experience in security development and engineering, security consulting, or application penetration testing. 
  • 5+ years of hands-on and strong experience with the Security Development Lifecycle (SDL). 

Additional or Preferred Qualifications 

  • Bachelor's Degree AND 7+ years experience in product/service/project/program management or software development
    • OR equivalent experience.
  • Experience with Security threat modeling for new features.  
  • Experience conducting security assessments on Web Applications, Mobile Applications, Cloud Services running on variety of operating systems including containers. 
  • Experience with application security standards such as OWASP(Open Web Application Security Project ASVS (Application Security Verification Standard)/Top 10, CWE (Common Weakness Enumeration) 25.  
  • Experience with common security libraries, security controls, and common security flaws.   
  • Outstanding collaboration and partnership skills, with proven ability to drive results across teams.  
  • Coding skills in one or more general purpose scripting languages.
  • Experience managing security compliance related engineering programs. 
  • Familiarity with web proxies such as Burp, OWASP ZAP (Zed Attack Proxy) or Fiddler.  
  • Development or scripting experience. Java, Ruby, Ruby on Rails, GraphQL, REST.  
  • Demonstrated experience in successfully designing, delivering, and iterating on complex projects with a diverse set of stakeholders

 

Product Management IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until September 8, 2024. 

 

 

 

#Search# #MAI# #Security# #ApplicationSecurity# #MAIFundamentals# //platformjobs

Responsibilities

  • Be the security contact for teams building new innovative services and technologies in the next version of Microsoft AI. 
  • Specify new security controls needed to reduce risks identified from security reviews and threat modelling exercises or from security incidents and specify these new controls as requirements to be added the organization’s SDL process. 
  • Proactively research new technologies, make technology recommendations. 
  • Drive and cultivate a positive culture of security across the engineering teams. Train product engineering to recognize bad patterns and innovate ways for developers to learn to identify security bad practice. 
  • Work with our security engineering team and product teams to identify, define and implement security controls and automation 
  • Leverage a broad and current understanding of security to envision new protections and baseline secure by design behavior 

Other

  • Embody our    

Similar Jobs

ByteDance - Software Engineer Intern, Authorization

ByteDance

Singapore (On-Site)
1 Month ago
Google - Performance Lead, YouTube Support Operations

Google

Bengaluru, Karnataka, India (On-Site)
1 Month ago
SiftHub - Senior Software Engineer (Backend)

SiftHub

Mumbai, Maharashtra, India (On-Site)
7 Months ago
ByteDance - Software Engineer, Business Integrity

ByteDance

San Jose, California, United States (On-Site)
1 Month ago
Microsoft - Senior Software Engineer - Frontend

Microsoft

Hyderabad, Telangana, India (On-Site)
1 Month ago
Rackspace Technology - SOC Analyst L3 (Sentinel is mandatory) - R-19060

Rackspace Technology

Gurugram, Haryana, India (Hybrid)
7 Months ago
The Walt Disney Company - Senior Security Specialist - Governance

The Walt Disney Company

Orlando, Florida, United States (On-Site)
2 Months ago
PwC - Digital Forensic and Electronic Discovery Expert – Senior Associate

PwC

Zürich, Zurich, Switzerland (On-Site)
7 Months ago
Evolution - IT Security Engineer (Red team)/ Penetration tester

Evolution

Sofia, Sofia City Province, Bulgaria (On-Site)
6 Months ago
Tencent - Senior Client-Side Security Engineer

Tencent

Shenzhen, Guangdong Province, China (On-Site)
5 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Google - Software Engineer III, Android Enterprise

Google

Bucharest, Bucharest, Romania (On-Site)
1 Month ago
Netflix - Software Engineer (L4/L5), Android Games SDK

Netflix

United States (Remote)
1 Month ago
Next Level Business Services - Senior Java, Cloud Foundry Developer (Full Time)

Next Level Business Services

Herndon, Virginia, United States (On-Site)
7 Months ago
Google - Technical Solutions Engineer, Data, Google Cloud

Google

Seoul, South Korea (On-Site)
1 Month ago
The Walt Disney Company - Lead Machine Learning Engineer

The Walt Disney Company

New York, New York, United States (On-Site)
3 Months ago
GoMotive - Software Engineer, Backend

GoMotive

India (Remote)
2 Months ago
The Walt Disney Company - Lead Integration Developer

The Walt Disney Company

Montévrain, Île-de-France, France (On-Site)
3 Months ago
ByteDance - Service Framework Software Engineer Intern

ByteDance

Singapore (On-Site)
1 Month ago
Stonewall Collision & Auto Painting - Senior Data Scientist

Stonewall Collision & Auto Painting

Vijayawada, Andhra Pradesh, India (On-Site)
8 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Redmond, Washington, United States

Framestore - Executive Producer

Framestore

New York, New York, United States (Hybrid)
1 Month ago
Sony Pictures Animation - Associate Production Manager - Feature

Sony Pictures Animation

Culver City, California, United States (On-Site)
4 Months ago
Riot Games - Technical Product Manager III - PETS

Riot Games

Los Angeles, California, United States (On-Site)
1 Month ago
Patreon - Sales Operations Associate

Patreon

California, United States (Hybrid)
1 Month ago
ByteDance - Security System Engineer

ByteDance

San Jose, California, United States (On-Site)
1 Month ago
NVIDIA - Solutions Architect, Networking - Cloud Service Providers

NVIDIA

Redmond, Washington, United States (Hybrid)
1 Month ago
ION - Services Director

ION

New York, New York, United States (On-Site)
7 Months ago
ByteDance - AI Research Engineer, Large Language Model (Applied Machine Learning)

ByteDance

San Jose, California, United States (On-Site)
6 Months ago
ION - Sales and Account Manager - 7992

ION

Chicago, Illinois, United States (On-Site)
7 Months ago
Life church - Marketing Strategist

Life church

Edmond, Oklahoma, United States (On-Site)
7 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

PwC - Consultoría I Consultor Senior Ciberseguridad OT

PwC

Madrid, Community Of Madrid, Spain (On-Site)
7 Months ago
ION - Senior Security Architect

ION

Collecchio, Emilia-Romagna, Italy (On-Site)
7 Months ago
Microsoft - Technical Support Engineer

Microsoft

(Hybrid)
1 Month ago
ION - Senior Security Architect

ION

Collecchio, Emilia-Romagna, Italy (On-Site)
7 Months ago
ION - Junior Cyber Security Analyst

ION

Pisa, Tuscany, Italy (Hybrid)
7 Months ago
Google - Partner Engineer, Security, Google Cloud

Google

São Paulo, State Of São Paulo, Brazil (On-Site)
1 Month ago
PwC - Project Manager Security Testing

PwC

Amsterdam, North Holland, Netherlands (On-Site)
4 Months ago
Google - Cyber Defense Senior Detection Engineer

Google

California, United States (On-Site)
1 Month ago
Inworld AI - IT Security & Compliance Lead

Inworld AI

Mountain View, California, United States (Hybrid)
1 Month ago
ByteDance - Research Scientist, Data Management and Security - Infrastructure System Lab

ByteDance

San Jose, California, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

About The Company

Microsoft is a tech giant that develops, licenses, and supports a range of software products, services, and devices.

Vancouver, British Columbia, Canada (On-Site)

Mountain View, California, United States (Hybrid)

Shenzhen, Guangdong Province, China (On-Site)

Noida, Uttar Pradesh, India (On-Site)

Redmond, Washington, United States (On-Site)

Paris, Île-de-France, France (On-Site)

View All Jobs

Get notified when new jobs are added by Microsoft

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug