Job Details
Posted date: Aug 05, 2025
Category: Program Management
Location: Redmond, WA
Estimated salary: $188,900
Range: $119,800 - $258,000
Employment type: Full-Time
Travel amount: 25.0%
Work location type: Up to 100% work from home
Role: Individual Contributor
Description
The Microsoft Customer and Partner Solutions (MCAPS) Division unifies the commercial go-to market organization to accelerate our progress, stay true to the Microsoft mission, and empower our customers, partners, people, and Microsoft’s growth. Within MCAPS, TrIP (Trust and Integrity Protection) provides policies, guidance and oversight of risk & compliance across the MCAPS division for security, privacy, trade, anti-bribery resilience & incident response.
The Trust and Integrity Protection (TrIP) team is looking for a motivated Incident Response Manager to be a part of the Incident Response (IR) Team. In this role you will have the opportunity to work on privacy, cybersecurity, and security issues as part of a dynamic and high-impact team. Your day-to-day responsibilities include conducting detailed and comprehensive investigations and driving issues to closure. You will analyze, contain, and mitigate escalations from multiple sources, both internal and external. You will also contribute to developing innovative automation, leveraging AI responsibly, and orchestration solutions for response. As part of the job, you will collaborate with incident response partners and Microsoft privacy groups to improve our security and privacy posture.
Incident Response technical program management
- Conduct detailed comprehensive triage and investigation on a wide variety of privacy/security events and implement containment and mitigation processes.
- Collaborate with internal incident response partners to drive issue containment, remediation, management and closure.
- Contribute and/or Document standard operating procedures, playbooks that support IR scenarios within scope for the TrIP IR function.
- Detect and respond to threats, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks to systems and data.
- Keep up to date with industry best practices and emerging vulnerability, response, mitigation, threat landscape trends and use this knowledge to drive proactive detection and issue avoidance.
- Ensure reliable and timely notification to impacted customers and/or regulators in accordance with appropriate regulations and contractual obligations.
- Conduct regular table-top/exercises and simulations with relevant parties and identify and remediate any gaps.
Operations
- Liaise with vendor teams to ensure smooth Tier 1 operation (intake) and Service Level Agreements (SLAs).
- Seek opportunities for automation and AI for process efficiencies, eliminating un-necessary workflows in Incident Response (IR).
- Use business intelligence to drive awareness, insights and trends and identify systemic and emerging themes to improve the overall security and privacy posture.
Risk and Compliance
- Partner with security and privacy risk managers on risk identification and documentation, controls identification and monitoring that ensures shift left in development practices.
- Work with analysts and engineers by observing gaps and opportunities to provide efficiencies in detection and response.
- We handle active security events and respond to threats from a variety of sources; you will be required to participate in shift and on call rotation.
- Act as a trusted advisor and influence engineering and business partners to adopt best practices, consult, ensure risks are logged, remediations are implemented to reduce security and privacy risk in the division.
Qualifications
Required Qualifications:
- Bachelor's Degree AND 4+ years experience in engineering, product/technical program management, data analysis, or product development OR equivalent experience.
- 2+ years of experience managing cross-functional and/or cross-team projects.
- 3+ years of hands-on experience in cybersecurity incident response, security operations, threat detection and analysis.
- Knowledge of NIST 800-171 or other U.S. Federal government incident reporting requirements.
Other Qualifications:
Citizenship & Citizenship Verification: This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customer and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport, or other approved documents, or verified US government Clearance.
Additional / Preferred Requirements:
- CISSP (Certified Information Systems Security Professional) or equivalent Information security certification
- Cybersecurity Knowledge: Understanding of cybersecurity principles, threat landscapes, and common attack vectors
- Regulatory Compliance: Knowledge of relevant laws and regulations (e.g., GDPR, HIPAA) and their impact on incident response
- Forensics: Skills in digital forensics to investigate breaches and gather evidence
- Network Security: Proficiency in network security tools and technologies, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and SIEM (Security Information and Event Management) systems
- Demonstrated Experience in cybersecurity, IT security, or a related field
- Cross-Functional Collaboration: Experience working with different departments, such as legal, compliance, and IT, during incident response
- Analytical Thinking: Strong problem-solving skills and the ability to analyze complex situations
- Communication: Excellent verbal and written communication skills to effectively report incidents and coordinate with stakeholders
- Attention to Detail: Meticulous attention to detail to identify and address security vulnerabilities
- Adaptability: Ability to stay calm and adapt quickly in high-pressure situations
- Experience working within a diverse organization to gain support for your ideas
- Ability to effectively multi-task and prioritize in a fast-paced environment
Technical Program Management IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until August 12, 2025.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.