Security Assurance Engineer

Security Governance & Compliance in the office of the dCISO (Deputy Chief Information Security Officer) for Governance and Trust puts people at the center of its mission. We focus on enabling secure, compliant, and resilient operations across government cloud environments. We move fast, prioritize automation, and stay focused on delivering measurable value to all stakeholders. Our team brings together individuals from diverse backgrounds, experiences, and disciplines each contributing to how we assess risk, enforce policy, and drive accountability. That diversity strengthens our ability to navigate complexity, collaborate effectively, and deliver outcomes that reflect the needs of the environments, customers and other stakeholders that we support.

Do you have a passion for security and get excited about impacting some of the largest and most complex security challenges Microsoft faces in the enterprise today? Are you looking to join a fast-paced, dynamic, and diverse team? Our team is a dynamic organization chartered with providing security assurance services to Microsoft's enterprise to help effectively identify and mitigate security risks. We are a high energy, highly collaborative team.

As the Security Assurace Engineer you will work across teams and service lines to execute on our strategy for providing end-to-end security assurance. This includes application security assessments for a broad portfolio of apps and services. You will be expected to contribute to performing assessments as well as helping manage the business and alignment with compliance requirements. You will have the opportunity to work with engineering teams throughout the development cycle to influence secure design and continuous security of these services.This role will require cross divisional partnership with engineering teams, Corporate, External, and Legal Affairs (CELA), CISO organization, Global Trade, and the National Security Team among others.

Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

• Lead cross-functional and cross-team projects, ensuring timely and within-budget completion.
• Collaborate with engineering teams to drive technical projects and deliver innovative solutions.
• Provide security training and develop incident response processes to handle multi-dimensional incidents.
• Ensure data integrity and compliance with contractual requirements.
• Communicate effectively with stakeholders, including government agencies, to ensure alignment and compliance with regulations.
• Identify and mitigate security vulnerabilities and risks through analytical problem-solving and strategic decision-making.

Other:

• Embody our company's Culture and Values.

• Master's Degree in Engineering, Product/Technical Program Management, Data Analysis, Product Development or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Engineering, Product/Technical Program Management, Data Analysis, Product Development, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience.

Other Requirements:

• Microsoft Cloud Background Check:
  • This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
• Citizenship & Citizenship Verification:This position requires verification of U.S citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport.

Preferred Qualifications:

• 6+ years of experience managing cross-functional and/or cross-team projects.
• Experience working in a similar role within the technology or defense industry.
• Ability to obtain and maintain a United States Security Clearance.
• 2+ years experience managing cross-functional and/or cross-team projects.
• 2+ years experience running or supporting enterprise scale services or platforms within a distributed cloud environment.
• 3+ years of demonstrated experience in agile development practices, security operations, threat modeling, or other security practices.
• 2+ years of experience supporting highly regulated federal environments under FedRAMP, FAR/DFARS, CMMC, and ITAR regulations.

Security Operations Engineering IC3 - The typical base pay range for this role across the U.S. is USD $100,600 - $199,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $131,400 - $215,400 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.