Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.The mission of Microsoft Digital Security & Resilience (DSR) is to enable Microsoft to build the most trusted devices and services, while keeping our company safe and our data protected. As part of the Microsoft Security organization, and a steward of Microsoft and our customer's data, a core function of Microsoft DSR (Digital Security & Resilience) is ensuring the security of every aspect of the business. Microsoft DSR (Digital Security & Resilience) is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity.Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.ResponsibilitiesDo you have a passion for security and get excited about impacting some of the largest and most complex security challenges Microsoft faces in the enterprise today? Are you looking to join a fast-paced, dynamic, and diverse team?The Assessment Consulting & Engineering (ACE) team is the assurance arm of Microsoft’s Digital Security and Resilience (DSR) organization. Our team is a dynamic organization chartered with providing security assurance services to Microsoft’s enterprise to help effectively identify and mitigate security risks. We are a high energy, highly collaborative team.The successful candidate for this role will work across teams and service lines to execute on our ACE strategy for providing end to end security assurance for Microsoft Digital. This includes application security assurance and automation capabilities across a broad portfolio of apps and services. As a Security Assurance Architect, you will be expected to contribute to the strategy and vision for the team and also drive continuous assurance into the engineering and operations processes. You will have the opportunity to work with engineering teams starting early in the development cycle to influence secure design and development. We take pride in being a diverse and inclusive team, and we expect that you will join us on this mission.Key responsibilities: Provide security subject matter expertise and conduct security assessments. Lead & execute on a strategy that focuses on effective and efficient security processes to mitigate risk for Microsoft’s enterprise. Ensure the controls, platforms and tools which support the assurance processes are aligned to the latest security trends and engineering models. Work with other security assurance and security tooling teams across Microsoft to ensure a One Microsoft approach wherever possible for at-scale security assurance. Collaborate effectively with other engineering and pentest teams.Other
Embody our Culture (https://www.microsoft.com/en-us/about/corporate-values) and Values (https://careers.microsoft.com/us/en/culture)
QualificationsRequired Qualifications
7+ years experience working as an information security professional, technical program management or similar engineering role
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field
OR equivalent experience.
Experience with one or more of the following: threat modelling, identity management, web application development, DevSecOps (Development Security Operations).
Preferred Qualifications:
Prior experience in application security and/or security assessment programs.Experience with cloud security assessment or cloud application development using Azure or another major cloud provider.Communication and Presentation skills and experience presenting to management.
Decision making skills, and the ability to thrive in fast-paced and ambiguous situations.
Desire to innovate, grow, and learn as the industry continually evolves.
Experience in a team environment, running and designing enterprise scale services and platforms, technical depth in cloud platforms, agile development practices, and experience in designing & tuning telemetry.
Experience ensuring resilient and scalable service designs through partnership with other members of the service team.
Security Assurance IC5 - The typical base pay range for this role across the U.S. is USD $133,600 - $256,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $173,200 - $282,200 per year.Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay#ACE #ETSA #DSR #MSFTSecurityMicrosoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .
