Microsoft Looking For Director, Threat Context at New York, NY Full Time

The Customer Security & Trust (CST) team is looking for a Director, Threat Context within its Digital Threat Analysis Center (DTAC) to lead its team investigating foreign malign influence threats and cyber-attacks emanating from and targeting the European continent. CST is a part of Microsoft’s Corporate, External, and Legal Affairs (CELA) and leads much of Microsoft’s work to ensure that our customers are protected from the actions of advanced and persistent adversaries. Partnering with the Microsoft Threat Intelligence Center (MSTIC) and the Digital Crimes Unit (DCU), this manager will guide the analysis of an interdisciplinary team of researchers seeking to protect Microsoft, its customers and democracies against a wide range of hostile actions in the information environment. Understanding the threats, motivations and the geopolitical consequences of these threats is an essential part of our approach to protecting our customers, the computing ecosystem, and Microsoft itself.

Role:
In this role, the Director, Threat Context – Europe will lead a team of analysts identifying a wide range of cyber and malign influence threats across Europe. The Director will identify essential research and analysis, direct analysts to achieve defined milestones and objectives, will integrate the Europe team with the other DTAC regional teams and will work closely with MSTIC, DCU, and other cybersecurity organizations at Microsoft in the analysis of and reporting on activities related to cyber and influence activity. This leader will have a strong understanding of the geopolitical issues, motivations and interests of criminal, extremist and hostile nation state activity on the internet. The Director will lead the production of insights and then communicate those insights in publications and briefings both internally and externally with executives, customers, and others in the security community.

Responsibilities

Lead a team of threat context and data analysts focused on detecting, assessing and disrupting malign influence threats against Microsoft, its customers and democracies.

Analyze data and intelligence from cross company sources, the threat intelligence community, and open-source information to direct in depth research of team members.

Develop collaborative, actionable insights and recommendations for public and private sector stakeholders to help protect against malign influence and cyber-attacks.

Develop and present findings internally and externally to inform Microsoft and public policy.

Support MSTIC or DCU responses to events or incidents involving any of the groups or actors tracked within the portfolio.

Collaborate with all security teams cross company providing regional expertise and analysis on projects and reports related to cybersecurity and malign influence.

Continuously expand the Europe team’s coverage and understanding of threat groups through the addition of personnel with new and diverse analytical skills and language capabilities.

Increase the reach and impact of DTAC analysis by creating public and private sector partnerships across Europe.

Manage defined programs, deliverables and supporting budget allocations in support of Microsoft and its customers.

Embody our culture and a demonstrated commitment to the company’s core values, including a commitment to high ethical standards, unquestioned integrity, and a commitment to advancing the company’s diversity & inclusion commitments.

Qualifications

Minimum/Required Qualifications:
10+ years of experience managing complex teams under time and resource constraints.

3+ years of technical and operational experience researching and protecting against malign influence actors, their objectives, their methods and their employment of technology to achieve their ends.

Experience defending democratic elections, elected officials and institutions from cyber-attacks and/or malign information campaigns.

5+ years of experience working with democratic governments and agencies across Europe and North America.

3+ years of experience working with and developing partnerships in the technology industry as well as strategic relationships with key threat intelligence partners in government and industry across North America and Europe.

TS/SCI Security Clearance with Polygraph (most recent Tier 5 investigation within the last 4 years)

Preferred Experience:
5+ years producing actionable threat intelligence and written analysis, reports, and products.

Experience briefing principles at government agencies and industry, relaying findings and offering recommendations for incident response and mitigation.

Able to implement best practices for data handling, storage and information security.

Experience managing government programs to deliver on defined milestones while managing budget allocations and resource constraints.

Russian language skills preferable, other European languages helpful.

Delivers written material and presentations to senior leaders of government institutions.

Ability to triage information, develop reporting pipelines and craft strategic insights quickly and efficiently.

Excellent cross-group collaborator with strong organizational skills, quickly understanding and meeting needs of customer and peer teams.

Ability to effectively multi-task and prioritize in a fast-paced environment.

Domestic and international travel will be required, estimated to be less than 50%. This includes meetings at Microsoft’s Corporate Headquarters, in Redmond, WA, travel between Microsoft offices and government and industry headquarters and as needed international travel in support of team findings. The role is based in either the New York City, NY or Reston, VA office.

If hired for this position, the team you would be joining is part of our Cloud organization and/or works with government contracts and as such has a unique background check requirement, detailed below. Please note you will be provided with steps for completing the check if you accept a role on the team.

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

The successful candidates must have an active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph. Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. Failure to maintain or obtain the appropriate U.S. Government clearance and/or customer screening requirements may result in employment action up to and including termination.

Clearance Verification: This position requires successful verification of the stated security clearance to meet federal government customer requirements. You will be asked to provide clearance verification information prior to an offer of employment.

#CELA

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.