Director of Security
Company: Microsoft
Location: Redmond
Posted on: February 24, 2026
|
|
|
Job Description:
We are seeking an experienced operational and infrastructure
security leader to manage the security posture of Microsoft AI’s
production estate. This role is responsible for protecting some of
Microsoft’s largest consumer services, including Bing, Copilot,
Edge, MSN, and Microsoft Advertising, by driving secure-by-default
infrastructure, rigorous operational security practices, and
high-confidence vulnerability and configuration management at
scale. As the manager of the team, you will lead a group of
security engineers and program managers who partner directly with
product engineering, SRE, and platform teams. You will scale your
expertise through them, ensuring that secure patterns, baselines,
and controls are consistently implemented across diverse,
high-volume systems. You will own the Infrastructure and
Operational Security assurance functions and be accountable for
continuous monitoring, risk reduction, and the overall security
health of the division. Why Join Us: Shape the security posture of
Microsoft’s most widely used consumer products. Lead a team
operating at the intersection of scale, complexity, and real-world
impact. Work in a collaborative environment that values clarity,
accountability, and technical excellence. Play a critical role in
protecting Microsoft’s digital ecosystem and earning customer
trust. Microsoft’s mission is to empower every person and every
organization on the planet to achieve more. As employees we come
together with a growth mindset, innovate to empower others, and
collaborate to realize our shared goals. Each day we build on our
values of respect, integrity, and accountability to create a
culture of inclusion where everyone can thrive at work and beyond.
Starting January 26, 2026, Microsoft AI (MAI) employees who live
within a 50- mile commute of a designated Microsoft office in the
U.S. or 25-mile commute of a non-U.S., country-specific location
are expected to work from the office at least four days per week.
This expectation is subject to local law and may vary by
jurisdiction. Responsibilities Infrastructure and Operational
Security Execution: Assist in the development and implementation of
comprehensive security strategies aligned with the Secure Future
Initiative (SFI) and beyond. Manage a team to deliver technical
execution with engineering, set policy and build tooling and
automation to enforce Security by Default baselines within
Microsoft AI environments. Identify opportunities to continuously
improve controls and monitoring for Secure Operations. Lead
direction on the assurance programs that align with Microsoft’s
Security Development Lifecycle, evolving the existing programs in a
more modern security direction. Security Project Orchestration:
Oversee large-scale security project rollouts across the
organization. Coordinate with various teams to ensure seamless
execution of security initiatives. You will own management of
security baseline design and execution, providing direct technical
support and advice to engineering, providing reporting and
summaries to leadership and generally delivering on projects to
identify and mitigate security risks. Cybersecurity and Operational
Program: Adopt and oversee cybersecurity guidelines and standards,
coordinate with compliance teams, and execute attestations.
Ensuring the adoption of Implementation Guidance issued through the
Regulatory Governance program, as well as other compliance
guidance, Council decisions, and applicable standards and controls.
Including oversight of and coordination with compliance teams, and
execution of necessary attestations and related records.
Qualifications Required: Bachelors Degree AND 6 years experience in
engineering, product/technical program management, data analysis,
or product development OR equivalent experience. 1 years people
management experience. Minimum of 6 years of experience in
cybersecurity, with a focus on planning and execution of security
assurance programs (application and operational). Preferred:
Bachelors Degree AND 12 years experience engineering,
product/technical program management, data analysis, or product
development OR equivalent experience. Minimum of 8 years of
experience in cybersecurity, with a focus on planning and execution
of security assurance programs (application and operational). 3
years of experience managing cross-functional and/or cross-team
projects. Certified Information Systems Security Professional
(CISSP) Certification, Security Certification, or relevant
certification. Experience managing large scale cybersecurity
assurance and operational security programs preferably including
online service development. Experience with defining and tracking
OKRs and KPIs to measure program performance. Proficient
communication and collaboration skills, with the ability to
effectively interact with stakeholders at all levels of the
organization. Experience with application security standards such
as OWASP ASVS/Top 10, CWE 25. Experience with common security
libraries, security controls, and common security flaws.
Outstanding collaboration and partnership skills, with proven
ability to drive results across teams. Coding skills in one or more
general purpose scripting languages. Proven experience in
establishing security baselines for infrastructure, identifying and
mitigating operational security risk and hands on implementation,
coding, scripting and automating Azure (or equivalent) cloud
infrastructure and services. MicrosoftAI Security CyberSecurity
SecurityEngineering Technical Program Management M5 - The typical
base pay range for this role across the U.S. is USD $139,900 -
$274,800 per year. There is a different range applicable to
specific work locations, within the San Francisco Bay area and New
York City metropolitan area, and the base pay range for this role
in those locations is USD $188,000 - $304,200 per year.
Keywords: Microsoft, Kirkland , Director of Security, IT / Software / Systems , Redmond, Washington
