
Cyber Defense Operations Hub and Incident Command Leader

Microsoft
United States, Washington, Redmond
Dec 18, 2024
Overview

Security is the foremost concern for Microsoft and our customers in a world increasingly challenged by digital threats, regulatory demands, and estate complexity. The Microsoft Security organization accelerates Microsoft's mission to ensure that our company and industry effectively secure digital technology platforms, devices, and clouds across our customers' diverse environments, as well as our own internal systems. Within Microsoft Security, the CISO organization is dedicated to defending the Microsoft estate and protecting our customers and partners who rely on it, with our approach reinforced by the Microsoft Secure Future Initiative (SFI), a company-wide effort to evolve how we design, build, test, and operate our products and services to achieve the highest possible standards for security. Our strategy is anchored in stopping adversaries through the integration of advanced threat intelligence, proactive threat hunting, rock-solid operations, sustainable governance, and the facilitation of automation and augmentation with AI to anticipate, detect, and neutralize even the most sophisticated attacks. We cultivate a culture focused on growth, excellence, and empowering our teams and leaders to perform at their highest level, leading to innovations that impact billions of lives around the world.

We are seeking an experienced Cyber Defense Operations Hub and Incident Command Leader to oversee and enhance the Operations Hub within Microsoft's Cyber Defense Operations. The Operations Hub is the centerpiece of the Defense Operations organization and is responsible for cybersecurity incident coordination, cross-organizational communications, oversight and monitoring across Defense Operations, and continuous improvement of Defense Operations processes. With the continued evolution of the external threat landscape, Microsoft continues to be a prime target for a variety of threat actors and experiences an increasing number of attempts to breach its defenses.
In this role, you will lead our Operations Hub function within the Cyber Defense Operations team. You will be ensuring the function is coordinating incidents effectively, managing the coordination of incident response activities so they move at pace with clear milestones defined, tracked, and communicated accurately. As a Leader of the Operations Hub and Incident Command, you will build the team at the center of Microsoft Cybersecurity Defense Organization. In this role, you will also shape the broader framework to monitor and oversee the health and effectiveness of the broader Defense Operations ecosystem, helping to build scalable processes to monitor that cases and incidents are being handled in a timely manner with clear ownership and resolution and to drive continuous improvement to ensure our Cyber Defense Operation function remains agile, efficient, and at the cutting edge of threats and challenges.

Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Responsibilities

Strategic and Operational Leadership to optimize Incident Coordination and Communication capabilities across Microsoft's Cyber Defense Operations.
Build, mentor, and manage a high-performing team of incident response professionals, fostering a culture of collaboration, resilience, and continuous improvement.
Drive training and readiness programs to enhance the team's ability to handle emerging threats and crises.
Oversee end-to-end incident lifecycle and enable continuous monitoring, analysis, and enhancement of cases and incidents across Defense Operations to improve operational measures and response capabilities.
Collaborate with cross-functional teams to ensure that incident coordination and communication processes are scalable, efficient, and aligned with organizational goals.
Build strong partnerships across defense, engineering, governance, compliance and security teams to enable timely incident coordination.
Establish metrics and reporting to measure the effectiveness of incident coordination, identifying and addressing gaps or inefficiencies.
Establish metrics and reporting to measure the effectiveness of case handling and resolution across the Defense Operations organization.
Drive process improvements, best practices, and automation opportunities to enhance the methods by which incidents are coordinated and related information is communicated across the organization.
Ensure alignment with broader cybersecurity strategies, compliance requirements, and industry standards.