Job Category: Technical Service and IT
Location: Redmond, WA, US
Job ID: 849078-121679
Division: IT
Description
Do you have a passion for security and excited about impacting some of the largest and most complex information security challenges Microsoft is involved with today including application on cloud and mobile? If the answer is yes, you may be a candidate to join the ACE Team.
The ACE (Assessment, Consulting & Engineering) team is the assessment arm of Microsoft’s Information Security & Risk Management organization. Our team is a dynamic organization chartered with providing security assessment and advisory services to both Microsoft and to Microsoft’s enterprise and public sector customers to help effectively manage security risks. As a part of our charter, we are tasked with sharing and showcasing with external customers how Microsoft manages risks as well as to learn and bring back best practices from Microsoft’s customers to benefit Microsoft’s own risk management needs.
The successful candidate for the Sr. Security PM (Information Security) role will engage in a consulting/advisory role with both internal clients and Microsoft Enterprise customers to asses, develop and architect secure solutions. The Sr. Security PM will contribute expertise to broad areas including SDL tasks such as threat models, design reviews and security assessments as well as help drive architectural decisions including developing systems for Azure, Windows Marketplaces and emerging marketplaces such as SharePoint, Office and Yammer.
The candidate will be responsible for providing guidance and real world mitigation steps to identified information security risks. The successful candidate will be required to carry out technical assessments to identify security findings and help determine mitigation strategies and drive fixes to resolution. Understanding of Microsoft technologies, an understanding of application security and/or infrastructure security principles will be valuable experience for the right candidate.
Sr. Security PM (Information Security) responsibilities:
- Work with internal customers to understand their business portfolio and inject appropriate security control to enable a secure posture for the portfolio.
- Identify and reduce risk through performing technical assessments and remediation activities.
- Perform application security assessments on Microsoft platform developed applications.
- Follow all Microsoft services delivery methodology for external engagements, including ACE specific requirements around utilization, quality assurance, consistent delivery and meeting a high bar for customer satisfaction
- Geographic scope is the Americas however may require overseas travel. Some travel may be required with most deliveries requiring onsite presence within the continental United States
- Must be able to work autonomously as well as in team environments, often in stressful, high impact situations
Requirements/Qualifications and Previous Work and Related Experience (including educational requirements):
- 5+ Year experience working in an information security professional.
- Computer Science/Computer Engineering or related degree.
- Knowledge of Application Security Principles and Guidelines.
- Knowledge of Basic operational and infrastructure security principles and guidelines a huge plus.
- Understanding of the basics of application development languages such as.NET, C/C++, VB, VB NET, COM, COM+ and DCOM
- Excellent written, verbal and presentation skills are required
- Strong analytical and organizational skills are essential and required
- Experience in consulting/advisory capacity driving security controls into solution development.
- An understanding of ISO31000 standards and related assessment methodologies is desired.
- CISSP, CISM, SANS certifications, Microsoft technology certifications and other security certifications a huge plus
ISRM
Nearest Major Market: Seattle
Nearest Secondary Market: Bellevue
Job Segments: Program Manager, Security, Consulting, Engineer, Developer, Management, Technology, Engineerin
g
Location: Redmond, WA, US
Job ID: 849078-121679
Division: IT
Description
Do you have a passion for security and excited about impacting some of the largest and most complex information security challenges Microsoft is involved with today including application on cloud and mobile? If the answer is yes, you may be a candidate to join the ACE Team.
The ACE (Assessment, Consulting & Engineering) team is the assessment arm of Microsoft’s Information Security & Risk Management organization. Our team is a dynamic organization chartered with providing security assessment and advisory services to both Microsoft and to Microsoft’s enterprise and public sector customers to help effectively manage security risks. As a part of our charter, we are tasked with sharing and showcasing with external customers how Microsoft manages risks as well as to learn and bring back best practices from Microsoft’s customers to benefit Microsoft’s own risk management needs.
The successful candidate for the Sr. Security PM (Information Security) role will engage in a consulting/advisory role with both internal clients and Microsoft Enterprise customers to asses, develop and architect secure solutions. The Sr. Security PM will contribute expertise to broad areas including SDL tasks such as threat models, design reviews and security assessments as well as help drive architectural decisions including developing systems for Azure, Windows Marketplaces and emerging marketplaces such as SharePoint, Office and Yammer.
The candidate will be responsible for providing guidance and real world mitigation steps to identified information security risks. The successful candidate will be required to carry out technical assessments to identify security findings and help determine mitigation strategies and drive fixes to resolution. Understanding of Microsoft technologies, an understanding of application security and/or infrastructure security principles will be valuable experience for the right candidate.
Sr. Security PM (Information Security) responsibilities:
- Work with internal customers to understand their business portfolio and inject appropriate security control to enable a secure posture for the portfolio.
- Identify and reduce risk through performing technical assessments and remediation activities.
- Perform application security assessments on Microsoft platform developed applications.
- Follow all Microsoft services delivery methodology for external engagements, including ACE specific requirements around utilization, quality assurance, consistent delivery and meeting a high bar for customer satisfaction
- Geographic scope is the Americas however may require overseas travel. Some travel may be required with most deliveries requiring onsite presence within the continental United States
- Must be able to work autonomously as well as in team environments, often in stressful, high impact situations
Requirements/Qualifications and Previous Work and Related Experience (including educational requirements):
- 5+ Year experience working in an information security professional.
- Computer Science/Computer Engineering or related degree.
- Knowledge of Application Security Principles and Guidelines.
- Knowledge of Basic operational and infrastructure security principles and guidelines a huge plus.
- Understanding of the basics of application development languages such as.NET, C/C++, VB, VB NET, COM, COM+ and DCOM
- Excellent written, verbal and presentation skills are required
- Strong analytical and organizational skills are essential and required
- Experience in consulting/advisory capacity driving security controls into solution development.
- An understanding of ISO31000 standards and related assessment methodologies is desired.
- CISSP, CISM, SANS certifications, Microsoft technology certifications and other security certifications a huge plus
ISRM
Nearest Major Market: Seattle
Nearest Secondary Market: Bellevue
Job Segments: Program Manager, Security, Consulting, Engineer, Developer, Management, Technology, Engineerin
g
0 comments:
Post a Comment