Product Security (ProdSec) Team is responsible for overseeing the security of all the features developed for Skype and Lync Products. As a member of ProdSec team you will provide input and oversight to help build robust and secure solutions that scale for hundreds of millions of users.
ProdSec team partners with other business units helping contribute to designs, development, even test strategies or deployment strategies so that products are created with security as a core focus and can be enjoyed and consumed by millions for their day-to-day communication needs.
What we are looking for:
Microsoft is seeking a self-motivated and dynamic individual to be part of the ProdSec team to engage with teams, influence their processes and priorities, provide expert security guidance and improve security awareness.
• Work in an agile development environment and partner with engineering and product teams to ensure that our products adhere to security best practices.
• Conduct regular security reviews of both software and processes. Review and create threat models.
• Participate in code reviews and educate the engineering teams on best practices for writing secure code.
• Coordinate remediation of any application security weaknesses uncovered.
• Evaluate and promote the use of automation tools to assist manual reviews in identifying issues.
• Promote security training and awareness in the organization.
• Interact with penetration testers and other external vendors as needed.
• Focus on keeping skills current
• Full understanding of web stack.
• Domain expert in security with respect to web development and enterprise app development. Understanding of SDL is a plus.
• Good understanding of cloud technology. Azure is a plus.
• Experience with automation tools and deployments.
• Excellent verbal and written communication skills.
• Leadership qualities including the ability to work effectively with cross-functional teams and be able to mediate diverse opinions.
• A working knowledge of Agile Development.
• BS or MS degree in Computer Science or Engineering OR equivalent years of relevant work experience.