Cybersecurity Manager Detection And Response

Why Microsoft
With over 18,000 employees worldwide, the Microsoft Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of Microsoft’s end-to-end customer experience. Come join CE&S and help us build a future where customers come to us not only because we provide industry-leading products and services, but also because we provide a differentiated and connected customer experience.
This role is flexible in that you can work up to 100% from home.
Responsibilities:
The purpose of this role
The Microsoft Detection and Response Team (DART) is hiring a Cybersecurity Manager for Detection and Response. This position will be a vital leader and manager of the global Cybersecurity Incident Response team, leading the DART team in customer investigations, activities, and capability development with the support of Microsoft Partners. You will work in a fast-paced, intellectually intense, constantly evolving environment, and deal with complex customer challenges every day.
Responsibilities:
People Management

• Responsible for managing and leading a team of cyber security analysts, engineers, developers, leads and incident managers.
• Managers deliver success through empowerment and accountability by modelling, coaching, and caring.

Strategic Initiatives

• Secure partner relationships and work closely with internal product and services groups as well as co-delivering with Microsoft’s Partner ecosystem.
• Develop and mentor individual contributors through open communication, training and development opportunities and performance management processes.
• Develop and maintain objectives, metrics and KPIs supporting the department’s strategic direction and continuously improve incident response technical capabilities.
• Communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily understood, authoritative, and actionable manner. Present to a wide range and size of audiences from IT Pro, to CxO, to business decision makers
• Technical leadership and executive presence to establish Trusted Technical Advisor to influence senior decision makers to mature and promote customer’s security posture across the overall technology landscape.
• Synthesizing industry knowledge and external threat intelligence into actionable business communication
• Interface closely with and influence security product owners.
• Drive the evolution of both proactive and reactive Detection and investigation.

Business Operations

• Maintain a profitable business while developing a strategy for significant growth.
• Influence product direction through customer experience and feedback of product capabilities during crisis
• Engage directly with customers as a member of the engagement team, providing leadership and oversight to ensure profitability, high customer satisfaction, and operational excellence.
• Ensure delivery alignment with sales and prioritize capacity and readiness planning against demand.
• Serve as liaison between technical response and the business to minimize the impact of an incident to the customer.
• Maintain business operations: Deliver against metrics, KPIs and other leading delivery operational and health indicators for our business unit. Responsible for technical and executive level reports on incident response issues.
• Ability to apply entrepreneurial and innovative mindset and attitude to adapt to the speed and agility needed for evolving business demands.
• Excellent time management, writing and communication skills.
• Participating in a follow-the-sun on-call rotation
• Short-notice travel will likely be 40% or higher as is demanded by the needs of our customers and our business.
• Off-time zone hours and weekend work are highly likely.
• Position location is flexible.

Qualifications:
What skills do you need to have?
There will be many opportunities for you to learn and grow into this role and Microsoft.
Ideal candidates should possess approximately 10+ years of related work experience along with the following:

• Strong analytic, qualitative, and quantitative reasoning skills
• Track record of successfully managing a technical business group and maintaining consistent growth
• Recognized as a strategic leader who has the ability to hire, retain and motivate diverse quality talent
• Experience leading both a services organization and product development function
• Develop business strategy and provide technical thought leadership
• Manage customer engagements escalations to ensure customer satisfaction
• Advanced technical degree or equivalent experience
• Expert understanding of security technology and implementation principles with a focus on the cyber threat landscape
• Strong oral and written communication, organization and interpersonal skills
• Knowledge of the legal and regulatory landscape related to security and privacy in an international environment
• Executive presence, ability to influence senior IT and Global Risk leaders, CISO, CTO, CIOs
• Experience leading a global cross-functional team
• Experience with the following: opportunity identification, customer advocacy, conflict resolution, competitor intelligence, challenger mindset, business acumen and analysis, executive presence, strategic technical planning, technology industry knowledge, trusted technical advisor

Additional Qualifications
Experience with some of the following is a distinct advantage:

• Demonstrated history of leading teams of Security threat hunting analysts, engineers and consultants to successfully investigate cases of advanced targeted exploitation or similar interactive hacking cases
• Proven experience in helping enterprises manage vulnerabilities, measure security and ensure compliance
• Recognized as a subject matter expert in various security disciplines with a deep understanding of real-world APT tools, tactics, and procedures
• Cloud SaaS and PaaS experience and an understanding of investigations in those environments and leveraging cloud for investigation scale
• Solid grasp of common cyber frameworks and models such as the MITRE ATT&CK, Cyber Kill Chain, Diamond Model, Pyramid of Pain, DeTT&CT and modern penetration testing techniques
• International consulting experience is preferred
• Eligibility for a government security clearance is a plus.

Microsoft believes that by investing in our people and creating an inclusive environment, our team will do their best work. See our complete list of benefits and why we are recognised as an Endorsed Employer for Women by WORK180.
Our mission is deeply inclusive.
What next?
Even if you feel you may not meet 100% of the criteria, please apply. You may exceed your own expectations, or we may have another opportunity that suits your potential. While we’re not able to reach out directly to every applicant, we will always do our best to help you feel heard and supported throughout the experience.
In the meantime, please see our , and for more information on our recruitment process.