This job ad has been posted over 30 days ago...



Security Program Manager Full-time

at Microsoft in Hyderabad (Published at 03-02-2017)

Do you like working with the latest, emerging areas of technology, and exploring aspects of security not yet available commercially?

Does finding security flaws in design and implementation of applications and platforms excite you? Do you regard yourselves as an out-of-the-box thinker? If yes, then we are looking for you to join us as a Security Program Manager in the ISRM ACE team! The Assessments Consulting & Engineering (ACE) team is part of Microsoft Information Security & Risk Management (ISRM) organization and focuses on security assessments of applications, systems and infrastructure.

We deliver security consulting and advisory services to Microsoft’s internal businesses and to external Customers /partner organizations (via security design reviews, code reviews, penetration testing and privacy assessments) with the goal to ensure that applications, systems and infrastructure adhere to the highest standards of security engineering, are compliant with security policy and protect corporate business data and intellectual property in a risk-optimized manner. This team also leads a number of key initiatives like Supplier Security, Build Integration Automation (for security use cases), Securing Production Web Applications etc.

Security Program Manager Responsibilities

As a program manager in ACE, you will be expected to work closely with IT business process units to assist them in optimizing IT security related risks via technical assessments and remediation recommendations for failed controls.

In this role you will also be expected to serve as the security champion/trusted advisor for one or more business process units. You will engage with businesses in all of the different lifecycle stages of applications/solutions — starting from early conception all the way through requirements definition, design, implementation, testing, staging and operations stages.

Working with ACE will give you the opportunity to hone your security knowledge and consulting skills alongside some of the best security consultants in the world!

It will tremendously improve your technical understanding of information security across a variety of platforms and broaden your perspective of security requirements for scenarios and solutions in various industries in today’s “mobile first, cloud first” era.

It will also give you a well-rounded exposure to IT security in the enterprise (via an improved understanding of Governance, Risk & Compliance (GRC), Security Operations, Security Tools, Privacy, Security Infrastructure Assessments, Security Maturity Assessments, etc.).

You will also get to hone your skills in driving initiatives in new and emerging areas of information security using the latest cutting-edge tools and methodologies.

Education & Experience: A bachelor’s degree in Computer Science/Engineering is required. 3-5 years of work experience in Software Development with strong knowledge of secure software development processes and techniques…

Specifically the following:

*Strong understanding of what it takes to build secure applications and secure systems on a mainstream platform (ideally Microsoft.NET) Solid foundation of common software vulnerabilities and their mitigation techniques

*Good knowledge of security infrastructure components such as AD, ADFS, Azure etc.

*Good knowledge of cryptography – especially the ability to use of primitives in a design situation

*Working knowledge of security tools such as Fortify, Nessus, Qualys, etc.

*Experience in independently running security initiatives, internally within a large organization, or in a global consulting firm, will be a bonus.

Note: Applications have been closed.

Recent jobs at Microsoft

Viewed: 3167 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend