Security Operations Engineering Manager

Are you passionate about tackling some of the most complex challenges in digital security today Do you thrive in an environment that values continuous learning where you re encouraged to unlearn outdated practices and embrace new skills every day Are you motivated by the opportunity to influence the security posture of an entire organization daily If so we invite you to explore this exciting opportunity We are looking for a skilled with a role focused on managing a team of detection and response to threats against Microsoft s environment This role is part of Microsoft s CDO - Cyber Defense Operations Responsible for the managing installation maintenance support and optimization of all security-related components Facilitate incident response and forensic investigations Apply countermeasures to mitigate evolving security threats Work with other teams to ensure platform hardening security maintenance and vulnerability remediation procedures are followed Special Requirements Proficiency in a scripting language preferably perl PHP or python a plus Must demonstrate basic knowledge of knowledge of Linux Mac and Strong understanding of Windows operating systems and networking protocols About CDO - Cyber Defense Operations An organization led by Microsoft s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services CDO s vision is to ensure all information and services are protected secured and available for appropriate use through innovation and a robust risk framework Responsibilities Incident Response Leadership Serve as the escalation point and decision-maker for all Cloud Azure security incidents Oversee the full incident lifecycle detection triage investigation containment remediation and post-incident review PIR Coordinate with internal stakeholders e g engineering legal compliance communications and external vendors during incident handling Team Management Development Lead mentor and grow a team of around 10 security engineers ensuring coverage for 24 7 incident response rotations Define team goals performance metrics and development plans aligned with organisational security objectives Foster a culture of continuous learning collaboration and operational excellence Process Tooling Ownership Own and evolve the Cloud Azure incident response playbook ensuring alignment with broader security SOPs and compliance frameworks Drive automation and tooling improvements for incident detection triage and reporting Ensure all incidents are documented in accordance with internal standards and regulatory requirements Communication Reporting Act as the primary liaison for executive and customer-facing communications during high-severity 3P incidents Deliver regular updates to leadership on incident trends root causes and mitigation strategies Lead post-incident reviews and drive systemic improvements across engineering and vendor ecosystems Compliance Governance Ensure incident handling aligns with internal policies and external obligations e g data breach notification laws contractual SLAs Partner with legal and compliance teams to assess regulatory exposure and coordinate disclosures when necessary Qualifications Experience Over 15 years of experience in Security Operations Center SOC environments including 10 years as a Security Analyst and 5 years in a leadership role managing SOC teams Proven track record in managing security incidents especially involving third-party vendors or supply chain ecosystems Experience working in or with a Security Operations Center SOC including familiarity with SIEM tools threat intelligence platforms and incident response framework Technical Skills Deep understanding of security incident lifecycle management including detection triage containment eradication recovery and post-incident review PIR Familiarity with cloud security Azure identity and access management and vulnerability management Ability to interpret and apply regulatory and compliance requirements e g GDPR ISO 27001 FedRAMP to incident response processes Leadership Communication Strong leadership and team-building skills with experience managing distributed or cross-functional teams Excellent communication skills for engaging with executives legal compliance and external vendors during high-severity incidents Experience in conducting tabletop exercises and training programs to ensure team readiness Operational Excellence Familiarity with incident tracking systems and ability to drive continuous improvement through lessons learned Experience in developing and maintaining incident response playbooks and escalation protocol Additional Mandatory Qualifications Over 15 years of experience in Security Operations Center SOC environments including 10 years as a Security Analyst and 5 years in a leadership role managing SOC teams In depth Azure Cloud network and security knowledge is a must In-depth knowledge of Operating systems Windows Linux and MAC OS Knowledge on Network LAN and WAN to understand the threat landscape Knowledge on KQL is added advantage Ability to use AI and ML tools to perform day to day tasks Security certification Cysa CISM and Network Certification CCNA will be added advantage Microsoft is an equal opportunity employer All qualified applicants will receive consideration for employment without regard to age ancestry color family or medical care leave gender identity or expression genetic information marital status medical condition national origin physical or mental disability political affiliation protected veteran status race religion sex including pregnancy sexual orientation or any other characteristic protected by applicable laws regulations and ordinances If you need assistance and or a reasonable accommodation due to a disability during the application or the recruiting process please send a request via the