Technical Security Compliance Program Manager

Key Skills

Azure, C# Programming, Data Analysis, Data science techniques, Data Visualization, JavaScript, Jupyter Notebook, Kubernetes-K8s, Linux Operating system, Machine learning techniques, Node.js, PowerShell Programming, Product Development, Python Programming, R Programming, Rust, TypeScript

Job Description

Our mission is to enable research as the value creation engine for Microsoft by providing a comprehensive security program that enables innovation while assuring our information and services are safe. We support research teams across the globe in driving advances in research areas, such as Artificial Intelligence, Machine Learning, Health sciences, and Cryptography. 

This is a technical role where you will 

• enhance the security compliance program engineering capabilities for using data and ML to enable compliance across Research.
• be working alongside compliance partners to promote Security Fundamentals in support of company-wide security objectives and coordinating response for the division during any potential incidents.

The candidate

• would be a self-directed technical individual experienced in software engineering and ideally well versed in a variety disciplines such as security data analysis, machine learning & artificial intelligence. 
• will have a proven track record of driving process, tooling and automation improvements based on data and wants the challenge of gathering requirements and building proof of concepts to improve visibility of emerging risk areas across our environments and integrating new tools and automation for Compliance.

You will get to work closely with compliance SMEs, the Release Program owners, and the best researchers around the globe, so the right individual will have a service-oriented business acumen and be open to a growth-oriented collaborative workstyle.

You will have the freedom to work independently, be thrust into ambiguous learning experiences and be empowered to drive decisions and solutions to protect the organization, so this person should be agile, willing to learn and not afraid to fail fast.

If you want to be part of making the future a safer place, come talk to us.

Qualifications

Required/Minimum Qualifications

• Bachelor's Degree AND 4+ years experience in engineering, product/technical program management, data analysis, or product development
• OR equivalent experience.
• 2+ years experience managing cross-functional and/or cross-team projects.
• 4+ years in any operational security or compliance related field experiences, including but not limited to: threat detection, incident response, application assurance, vulnerability management.
• 4+ years hands-on Programming or data science experience in one of more of the following: C#, R, Rust, Python, PowerShell, Typescript, JavaScript, node.js

Additional or Preferred Qualifications

• Bachelor's Degree AND 8+ years experience in engineering, product/technical program management, data analysis, or product development
• OR equivalent experience.
• 6+ years experience managing cross-functional and/or cross-team projects.

• 1+ year(s) experience reading and/or writing code (e.g., sample documentation, product demos)
• BA/BS/MS in computer science, information security, data science, -or- related field and work experience equivalent to 4+ years specialization in Security, development, or data science engineering
• Familiarity with current software development tools and containerization technologies that may include: ADO, Github, AzureML, Jupiter Notebooks, PowerAutomate, PowerApps, Azure Functions, Azure Linux, Kubernetes
• Security industry accepted certifications (CISSP, A+, CEH)
• 4+ years professional experience in data analysis, machine learning, reporting and data visualization practices.
• 3+ years professional experience in a dedicated security or customer supporting function
• 3 or more years of project management experience

Technical Program Management IC4 - The typical base pay range for this role across the U.S. is USD $112,000 - $218,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $145,800 - $238,600 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Responsibilities

In this role you will contribute to the following:

• Handle incident response activities: coordinating teams, help triage and handle vulnerabilities and reported events.
• Understand the competitive landscape and emerging issues and apply that in day-day work to provide proactive security guidance to Research teams.
• Identify and drive decisions by appropriately escalating security issues to responsible owners
• Educate teams on security practices and release requirements
• facilitate technical deep-dives and security threat model assessments to evaluate emerging threats
• Conduct security reviews and coordinate penetration testing exercises on an as-needed basis
• Primary person responsible for orchestrating development and engineering efforts across compliance.
• Develop tools and automation in support of release reviews and data analysis.
• Build data visualizations and dashboards in support or Release and Compliance functions.
• Some portion of time will also be shared with teams ad-hoc as an engineering security SME during design/planning stages to help ensure Security requirements are built in.