Senior Technical Program Manager, Security Assessment

Share job

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

The M365 Security Team is seeking a Senior Technical Program Manager, Security Assessment, to drive objectives aimed at providing secure and trusted productivity experiences. This role will involve managing programs for security assessments (penetration testing), security and privacy flaw detection engineering, planning for security flaw hunting, and conducting security assurance reviews to ensure product development teams meet SDL and SFI engineering standards. This position requires expertise in technology, growth engineering, data-informed decision making, partner engagement, and customer focus.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Required Qualifications

• Bachelor's Degree AND 4+ years' experience in security engineering or cloud service development and/or technical program management
• OR equivalent experience.
• 2+ years of experience managing cross-functional and/or cross-team security projects
• 3+ years' experience with security assessments (penetration testing, architecture review, vulnerability assessment, code review), security development lifecycle, designing or developing cloud services, large scale computing, static and dynamic analysis (SAST and DAST), or anomaly detection.

Background Check Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

• Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications

• Bachelor’s or Master’s Degree in Cyber Security, Information Security, Information Assurance, Network Security, Computer Science, Software Engineering, or other related fields

Technical Program Management IC4 - The typical base pay range for this role across Canada is CAD $108,100 - CAD $199,700 per year.

Find additional pay information here: https://careers.microsoft.com/v2/global/en/canada-pay-information.html

Microsoft will accept applications for the role until April 26, 2025.

#M365Security#MSFTSecurity

• Plans, prioritizes, and coordinates execution of security assessments including cloud service penetration testing
• Collaborates with others to track, coordinate, and communicate end-to-end security assessment status and outcomes
• Partners with engineering teams to contribute, prioritize, and deliver on the roadmap for security and privacy flaw discovery
• Defines success criteria and performance metrics for security assessments, variant hunting, and detection engineering for security and privacy issues
• Conducts security assurance reviews to ensure that M365 Security Requirements and engineering standards are met throughout the Microsoft Security Development Lifecycle (SDL) and Secure Future Initiative (SFI)