Senior Security Program Manager

Microsoft · Big Tech · Redmond, WA +1 · Security Assurance

Senior Security Program Manager to lead end-to-end security assurance efforts including security compliance, risk assessment, and supporting vulnerability research and security tooling efforts across Windows.

What you'd actually do

  1. Drive the Windows EnS security risk assessment framework by executing systematic identification, prioritization, and tracking of security risks across OS, firmware, silicon, drivers, and ecosystem dependencies.
  2. Partner deeply with engineering, architecture, and threat intelligence teams to translate emerging threats, vulnerability trends, and attacker techniques into clear, actionable insights and platform improvements.
  3. Execute and evolve the security assurance process for Windows teams, enabling a scalable, risk-based approach that supports shared responsibility while ensuring consistent security review coverage and compliance.
  4. Lead cross-team security initiatives and coordination by driving planning, aligning stakeholders, and ensuring effective PM coverage across key areas of the team’s charter.
  5. Deliver end-to-end execution on high-impact security efforts, from problem definition through implementation, tracking measurable outcomes and continuously improving processes.

Skills

Required

  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection.
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection.
  • Or equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements

Nice to have

  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in security or related field.
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 8+ years experience in security or related field.
  • Or equivalent experience.
  • Ability to create clarity, energy, and cohesion across the team.
  • Ability to influence and drive security initiatives across groups.
  • 10+ years of experience in software engineering or security-related engineering.
  • Demonstrated experience in security research, especially around vulnerability discovery.
  • Experience exploiting bugs and bypassing security mitigations in operating systems.
  • Familiarity with Microsoft Windows architecture.

What the JD emphasized

  • security compliance
  • risk assessment
  • vulnerability research
  • security tooling
  • security assurance
  • security risk assessment framework
  • security review coverage
  • security initiatives
  • security engineering