Principal AI Incident Responder

Overview 

Artificial Intelligence (AI) has the potential to change the world around us.  At Microsoft, we are committed to the advancement of .  We are looking for a Principal AI Incident Responder to join a small incubation team to accelerate Microsoft’s capabilities for detecting and responding to AI incidents.  You will serve as a subject matter expert helping connecting teams, technology, and processes to address these risks and threats.  When you are not engaged on active incidents, you are helping build and upskill teams across Microsoft in incident management and the particular differences within the AI ecosystem 

This role works broadly across Microsoft on all levels of the AI stack and the teams supporting this important transformation.  This is part incident responder, part security product manager, and always an advocate for customers and the company.  Are you passionate about the safety and security of AI and how that intersects with our lives?  This may be a great opportunity for you! 

Who we are: 

We are the Artificial Generative Intelligence Security (AeGIS) team, and we are charged with ensuring justified confidence in the safety of Microsoft’s generative AI products.  This encompasses providing an infrastructure for AI safety; serving as a coordination point for all things AI incident response; researching the quickly evolving threat landscape; red teaming AI systems for failures; and empowering Microsoft with this knowledge.  We partner closely with product engineering teams to mitigate and address the full range of threats that face AI services – from traditional security risks to novel security threats like indirect prompt injection and entirely AI-native threats like the manufacture of NCII or Customer Success Account Manager (CSAM) or the use of AI to run automated scams.  We are a mission-driven team intent on delivering trustworthy AI and response processes when it does not live up to those standards. 

We are always learning.  Insatiably curious.  We lean into uncertainty, take risks, and learn quickly from our mistakes.  We build on each other’s ideas, because we are better together.  We are motivated every day to empower others to do and achieve more through our technology and innovation.  Together we make a difference for all of our customers, from end users to Fortune 50 enterprises. 

Our team has people from a wide variety of backgrounds, previous work histories, and life experiences, and we are eager to maintain and grow that diversity.  Our diversity of backgrounds and experiences enables us to create innovative solutions for our customers.  Our culture is collaborative and customer focused. 

What we do: 

The AI Incident Detection & Response team is a small team of subject matter experts that has been brought together to accelerate and support Microsoft’s AI services.  AI has the potential to transform our daily interaction with technology.  Our team keeps the outcome focused on justified trust in Microsoft’s AI services.  We are passionate about ensuring that the transformational opportunities outweigh the possible harms.  When harm occurs, we address them in a timely manner.  We work to improve and create a more resilient system that enables defenders to protect their AI uses and services.  Our team tightly partners throughout Microsoft so that we learn from experience and work to prevent harms before they happen. 

How you can help: 

We are searching for seasoned crisis manager who is interested in expanding their skills and expertise into the AI realm.  The ideal candidate will thrive in ambiguity, identifying critical stakeholders, and delivering results under time constraints.  You should be looking to grow skills enabling other defenders to do the work they know well.  You will be a subject matter expert steering the future of how customers interact with AI incidents and how products detect and support them.  Your passion for customer experience, organization and delivery skills of program management, a keen eye to spot patterns, and a concise communication style will aid you greatly in this role.  Listening, understanding, and talking are all part of this role. 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Required/Minimum Qualifications

• Bachelor’s Degree AND 8+ years experience in product/service/project/program management or software development
• OR equivalent experience.
• 5+ years of experience leading operational functions (e.g. incident response, security research, or threat intelligence) in any security or Internet safety discipline
• Previous record of accomplishment of delivering results despite ambiguity, attention to detail, and the ability to collaborate across a large organization, influencing many functions and teams

Other Requirements 

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.  

Additional or Preferred Qualifications

• Bachelor's Degree AND 10+ years experience in product/service/project/program management or software development
• OR equivalent experience.

• Demonstrated curiosity to learn about attacker patterns and behaviors

• Previous project management skills and experience that includes managing many unique, diverse projects simultaneously and making priority/scheduling trade offs between them

• Knowledge of adversary capabilities, infrastructure, and techniques as well as an understanding of operating system functionality that can be applied to define, develop, and implement the techniques that discover and track the adversaries and threats of today and tomorrow

• Experience in interpersonal awareness

• Communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios

• Ability learn, grow, and drive change

• Knowledge of threat intelligence, incident response methodology, and attacker tradecraft

• Understanding of Microsoft organizations, technologies and products, especially as they relate to security, will ensure a quick start

Product Management IC5 - The typical base pay range for this role across the U.S. is USD $137,600 - $267,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $180,400 - $294,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until January 12, 2025

#MSFTSecurity #MSECAIR #AI #RAI #Safety #Security #AEGIS #AIIR

• Helps others understand triage, analysis, and prioritization of cyber forensics involving AI services.
• Contribute to the upskilling of partner teams across company to create timely and repeatable response processes.
• Advocate for policies and procedures (or changes thereof) that ensure that customers can have justified trust in Microsoft’s AI services.
• Ensure business operations are executing well and that nothing is being dropped on the floor.
• Keep stakeholders advised of the opportunities and the threats facing AI services.
• Collaborates with internal and external parties to ensure service level agreement (SLAs) are reached when addressing threats. Supports development of requirements for solutions; defines new requirements and feature sets.
• Contributes to security policy and standards; maintains accurate and comprehensive security policy and standards; designs mitigation strategies to addresses identified gaps in policy. Educates others (e.g., business partners, peers, industry) on security policy. Recognizes patterns and trends and recommends solutions for improvement. Recommends refinement of security policy and standards.
• Work with product engineering teams to ensure appropriate features to enable defenders investigating and remediating AI-related attacks are available. Advocate for quicker, simpler incident response to match the severity of the threats.

Other

• Embody our  and