Senior Application Security Engineer or Senior Technical Program Manager - Microsoft Corporation (Texas)

Senior Application Security Engineer or Senior Technical Program Manager

Digital Security & Resilience (DSR) - Infrastructure Security & Standards

This role has the opportunity to work from a choice of several locations.

The mission of **Microsoft Digital** is to power, protect, and transform Microsoft as the voice of our digital transition in the market. As part of Microsoft’s Cloud + AI Group, we are responsible for building, managing, and securing the platform, products, processes, and services that powers Microsoft. We build, maintain, and implement a cloud-first approach to our technology and experiences, from custom-built business solutions developing our campus of the future and our productivity and collaboration experiences like Teams and SharePoint, to horizontal 3rd party solutions like SAP and Adobe. As a steward of Microsoft and our customer’s data, a core function of Microsoft Digital is ensuring the security of every aspect of the business. Microsoft Digital is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. Microsoft Digital’s charter is also to influence and work alongside engineers across the company and with strategic partners to build and grow their cloud products and services. As customer zero, we deploy these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!

Do you have a passion for Application Security? Do you get excited about protecting Microsoft by setting the security direction and guidance for securing our enterprise software supply chain? This is your opportunity to be a leader in protecting Microsoft corporate services that enable our business and supports our customers against current and future threats.

Digital Security and Resilience (DSR) is looking for a **Senior Application Security Engineer** or **Senior Technical Program Manager** to improve and expand the security of Microsoft Digital’s software supply chain. As part of a high impact security team, you will be empowered to lead and work across the Microsoft Digital organization and multiple product teams to raise the bar for protecting the enterprise.

In this role, you will lead efforts across peer teams, divisions, and Product Groups to set the strategy and deliver standards and guidance leading to an increased security posture for Microsoft Digital environments. You will work with engineering teams to identify areas of opportunity and will define plans to close gaps. You will push for automation and drive towards secure by default environments. Along the way, you will be a trusted voice who shares your knowledge and expertise about securing the Microsoft platform with Microsoft’s largest customers to help them deliver the most secure and productive experiences for their own organizations.

Responsibilities

Key responsibilities:

+ The below key responsibilities are for at least one of the following: Developer Environment, Secure Coding, Software Dependencies, and/or Developer Pipeline.

+ Develop security roadmap leveraging a risk driven approach and drive execution.

+ Lead and Identify cross-organizational teams to create and maintain security guidance (e.g. Baselines, Reference Architectures, Design Patterns, Control Procedures).

+ Evaluate capabilities and features to identify gaps against our security standards and drive security gap resolution.

+ Serve as Security Subject Matter Expert within Microsoft Digital and other Microsoft groups alike.

+ Communicate progress to leadership on efforts towards securing owned scenarios and closing identified security capability gaps in conjunction with Product Group teams.

Qualifications

Basic Requirements:

+ Minimum 5 years of experience in a technical program management, software engineering, or similar role especially in software development.

+ At least 5 years of general cybersecurity experience.

+ 2+ years building or managing software development pipelines and/or software development experience.

Preferred, Requirements:

+ Knowledge of Security Development Lifecycle experience.

+ Prior experience producing concise and quality technical documentation.

+ Experience with building pipelines in Azure DevOps and/or GitHub.

+ General understanding of cybersecurity standards.

+ Extensive leadership skills, including the ability to influence without authority and collaborate effectively across multiple business groups with clear intent.

+ Excellent judgment, decision making skills, and ability to work with deadlines.

+ Excellent presentation skills and experience presenting to management.

\#DSR

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form (https://careers.microsoft.com/us/en/accommodationrequest) .

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

* This article was originally published here