Microsoft AR/VR Job | Senior Security Program Manager
Job(岗位): Senior Security Program Manager
Type(岗位类型): Engineering
Citys(岗位城市): Redmond, United States
Date(发布日期): 2022-1-7
Summary(岗位介绍)
In Mixed Reality, people—not devices—are at the center of everything we do. Our tech moves beyond screens and pixels, creating a new reality aimed at bringing us closer together—whether that’s scientists “meeting” on the surface of a virtual Mars or some yet undreamt-of possibility. To get there, we’re incorporating groundbreaking technologies, from the revolutionary Holographic Processing Unit to computer vision, machine learning, human-computer interaction, and more.
We’re a growing team of talented engineers, program managers and artists putting technology on a human path across all Windows devices, including Microsoft HoloLens, the Internet of Things, phones, tablets, desktops, and Xbox. Our team has people from a wide variety of backgrounds, identities, previous work histories, life experiences, and we are eager to maintain and grow that diversity. Our varied backgrounds and unique experiences enable us to be better at building the best solutions for our customers and make for dynamic and joyful collaborations with colleagues!
If you are passionate about groundbreaking Mixed Reality technology and want to work on a team dedicated to a culture of inclusion, growth mindset and collaboration, we need you!
The Mixed Reality Security Governance and Compliance team is responsible for assessing and implementing security controls and policies for our products and systems. Mixed Reality Security works closely with product teams and partners within Microsoft to ensure all products and systems follow best practices and meet regulatory compliance. We manage a mix of government projects as well as commercial software and hardware. Our team has a unique set of needs due to the cutting edge nature of the Mixed Reality business.
Qualifications(岗位要求)
Required Qualifications:
- Must be U.S. Citizen to meet government screening requirements
- 5+ years experience in building and maintaining an Infosec Security Program with investigations, threat detection & analysis in a R&D product environment
- 5+ years running and managing InfoSec Incident Response team
- 3+ years hands-on experience with Azure/Azure Gov products and security offerings
- 2+ years of direct experience operationalizing NIST 800-171 regulations and U.S.G. Export Control laws (ITAR, EAR) in R&D environment
- 2+ years direct experience with information, physical security and industry best practices and emerging threats
Preferred Qualifications:
- Must possess an ability to work well under pressure while maintaining a professional image and approach while dealing with ambiguity and problem definition under time-line constraints
- Must be comfortable working in a fast-paced environment and able to manage multiple, disparate activities at once
- Excellent communication skills both written and verbal to executive leadership as well as highly technical engineers and partner organizations
- Ability to take complex topics and succinctly describe to an audience that is not always deep in security expertise
- Awareness of modern security related subjects and trends such as threat hunting and modeling, digital forensics, reverse engineering, phishing, and penetration testing
- Experience with cloud computing, online services, enterprise software development, engineering and/or operations at scale
Background Check and Security Clearance
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
- Citizenship Verification: This position requires verification of U.S. citizenship to meet federal government security requirements.
- This position may require access to information controlled under the International Traffic in Arms Regulations (ITAR) or the Export Administration Regulations (EAR), the successful candidate must be a
Description(岗位职责)
As Senior Security Program Manager, you will help mature the Mixed Reality Security posture by educating team members, creating tools, systems and processes. Additionally you will provide coordination and executive leadership during information security and export control incidents for Microsoft’s Mixed Reality Team. Your passion will show as you step into a crisis and lead teams to a successful resolution. You will be responsible for ensuring that the Mixed Reality team has proper processes and procedures to address current and future security threats to our businesses. You will also participate in required meetings, activities to discuss incidents and facilitate discussion around trends and early warning indicators, as well as help design and implement solutions to emerging threats.
- Responsibilities Analyze potential security and export control violation issues and develop investigation and resolution plans
- Facilitate implementation of established plans and procedures for security events and incidents
- Development of tools and design or re-engineering of processes for intrusion detection and prevention based on current best practices in the industry
- Rapidly react to changing situations and develop new plans based on recent discoveries.
- Coordinate with internal and external business partners and security teams at a deeply technical level
- Educate internal engineering team members of security risks and mitigations
- Coordinate with security champs and members of internal organizations to ensure increased security maturity of Mixed Reality products and systems
- Assist with supply chain security and compliance investigations/audits for internal and external products
- Collaborate with engineering teams to drive architectural changes that improve the stability and security of each environment
