Security Operations Leader

Share job

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

We are seeking an experienced Security Operatons Leader to build the monitoring and continuous improvement function within the Operations Hub of Microsoft’s Cyber Defense Operations (CDO). This role is responsible for ensuring the health and effectiveness of operations through consistent oversight, process development, and timely incident and case monitoring across all Cyber Defense Operations functions.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Required Qualifications:

• 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), and information technology (IT) operations

  • OR Master's Degree in Statistics, Mathematics, Computer Science or related field.

• 3+ years people management experience with a focus on leading teams in operational or oversight roles.

• Understanding of the incident response lifecycle, including the processes and technologies that assist with incident response AND experience working in high scale cloud architecture environments

• Ability to design and implement operational processes and standards along with analytical skills with the ability to synthesize multiple and complex threads and provide actionable directions to other team members.

• Communication and collaboration skills to drive alignment across multiple teams and stakeholders and to keep executives informed and aware of important topics.

Other Requirements:

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter

Preferred Qualifications:

• 9+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
  • OR Doctorate in Statistics, Mathematics, Computer Science or related field.
• 5+ years people management experience.
• 2+ years leading a security function (e.g., Security Operations Center [SOC], threat and vulnerability management [TVM]).
• Familiarity with Microsoft technologies and security frameworks.
• Experience distilling complex technical concepts into business-oriented outputs for executive consumption and understanding.
• CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and/or Security+ certification.

Security Operations Engineering M5 - The typical base pay range for this role across the U.S. is USD $137,600 - $267,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $180,400 - $294,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until April 28, 2025.

#MSFTSECURITY #CISOOrg

Core Responsibilities:

• Strategically build and lead the Monitoring and Oversight team to scale the function and ensure all cases and incidents across Cyber Defense Operations (CDO) are efficiently managed with clear ownership and resolution while fostering a culture of accountability and excellence.
• Spearhead the development and implementation of scalable, cross-functional processes that enhance operational efficiency, streamline incident management, and improve tracking mechanisms across the organization to ensure long-term effectiveness and resilience.
• Drive and champion continuous improvement efforts across Cyber Defense Operations (CDO) while securing operational agility and the timely integration of innovative solutions that maintain a proactive stance against emerging threats and optimize the overall security posture.
• Collaborate with senior leaders and cross-functional teams within Cyber Defense Operations (CDO) to identify strategic opportunities for process standardization, operational optimization, and risk mitigation to confirm alignment with broader organizational objectives and enhance the overall performance of CDO.
• Define, establish, and oversee the tracking of key metrics that measure success in the functions that drive operational efficiency and ongoing process improvements thus aligning with the strategic objectives of the CDO and the broader Microsoft Security mission.