Microsoft AR/VR Job | Senior Security Program Manager
Job(岗位): Senior Security Program Manager
Type(岗位类型): Engineering
Citys(岗位城市): Redmond, United States
Date(发布日期): 2022-3-8
Summary(岗位介绍)
In Mixed Reality, people—not devices—are at the center of everything we do. Our tech moves beyond screens and pixels, creating a new reality aimed at bringing us closer together—whether that’s scientists “meeting” on the surface of a virtual Mars or some yet undreamt-of possibility. To get there, we’re incorporating groundbreaking technologies, from the revolutionary Holographic Processing Unit to computer vision, machine learning, human-computer interaction, and more.
We’re a growing team of talented engineers, program managers and artists putting technology on a human path across all Windows devices, including Microsoft HoloLens, the Internet of Things, phones, tablets, desktops, and Xbox. Our team has people from a wide variety of backgrounds, identities, previous work histories, life experiences, and we are eager to maintain and grow that diversity. Our varied backgrounds and unique experiences enable us to be better at building the best solutions for our customers and make for dynamic and joyful collaborations with colleagues!
If you are passionate about groundbreaking Mixed Reality technology and want to work on a team dedicated to a culture of inclusion, growth mindset and collaboration, we need you!
The Mixed Reality Security Governance and Compliance team is responsible for assessing and implementing security controls and policies for our products and systems. Mixed Reality Security works closely with product teams and partners within Microsoft to ensure all products and systems follow best practices and meet regulatory compliance. We manage a mix of government projects as well as commercial software and hardware. Our team has a unique set of needs due to the cutting edge nature of the Mixed Reality business.
Qualifications(岗位要求)
Required Qualifications:
- Must be U.S. Citizen to meet government screening requirements
- 4+ years direct experience with information, physical security and industry best practices and emerging threats
- 2+ years hands-on experience with Azure/Azure Gov products and security offerings
- 2+ Working knowledge on operationalizing NIST 800-171 regulations and U.S.G. Export Control laws (ITAR, EAR)
Preferred Qualifications:
- Must possess an ability to work well under pressure while maintaining a professional image and approach while dealing with ambiguity and problem definition under time-line constraints
- Must be comfortable working in a fast-paced environment and able to manage multiple, disparate activities at once
- Excellent communication skills both written and verbal to executive leadership as well as highly technical engineers and partner organizations
- Ability to take complex topics and succinctly describe to an audience that is not always deep in security expertise
- Awareness of modern security related subjects and trends such as threat hunting and modeling, digital forensics, reverse engineering, phishing, and penetration testing
- Experience with cloud computing, online services, enterprise software development, engineering and/or operations at scale
- SANS or CISSP certification in areas of Security strategy & roadmap development, Enterprise security, Access Management, and Risk Management
Background Check and Security Clearance
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
- Citizenship Verification: This position requires verification of U.S. citizenship to meet federal government security requirements.
- This position may require access to information controlled under the International Traffic in Arms Regulations (ITAR) or the Export Administration Regulations (EAR), the successful candidate must be a "U.S. person" : a natural person (a) who is a lawful permanent resident as defined in 8 U.S.C. 1101(a)(20); or (b) who is a protected individual as defined by 8 U.S.C. 1324b(a)(3); or (c) is subject to an approved license by the applicable government agency.
- The successful candidate must have an active or be able to obtain a U.S. Government Secret Security Clearance. Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. Failure to maintain or obtain the appropriate clearance and/or customer screening requirements within 6 months may result in employment action up to and including termination.
- Candidates selected for this position must comply with Federal Executive Order 14042 mandating that federal contractors and subcontractors receive the COVID-19 vaccine by being fully vaccinated before their date of hire, or work with Microsoft to receive an approved religious or medical accommodation.
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
#MixedReality
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Description(岗位职责)
As Senior Security Program Manager, you will help mature the Mixed Reality Security posture by educating team members, creating tools, systems and processes. Additionally you will provide coordination and executive leadership during information security and export control incidents for Microsoft’s Mixed Reality Team. Your passion will show as you step into a crisis and lead teams to a successful resolution. You will be responsible for ensuring that the Mixed Reality team has proper processes and procedures to address current and future security threats to our businesses. You will also participate in required meetings, activities to discuss incidents and facilitate discussion around trends and early warning indicators, as well as help design and implement solutions to emerging threats.
- Responsibilities Analyze potential security and export control violation issues and develop investigation and resolution plans
- Facilitate implementation of established plans and procedures for security events and incidents
- Development of tools and design or re-engineering of processes for intrusion detection and prevention based on current best practices in the industry
- Rapidly react to changing situations and develop new plans based on recent discoveries.
- Coordinate with internal and external business partners and security teams at a deeply technical level
- Educate internal engineering team members of security risks and mitigations
- Coordinate with security champs and members of internal organizations to ensure increased security maturity of Mixed Reality products and systems
- Assist with supply chain security and compliance investigations/audits for internal and external products
- Collaborate with engineering teams to drive architectural changes that improve the stability and security of each environment