Executive Security Advisor (NYC and Other, US)

Company: Microsoft Corporation
Location: San Francisco
Posted on: October 12, 2018

Job Description:

The Enterprise Cybersecurity Group (ECG) empowers enterprises to confidently move to the cloud and modernize their platforms by delivering the security solutions, expertise and services needed to keep their data safe. ECG is looking for a passionate, experienced and credible security leader to act as Executive Security Advisor for our strategic customers. The person will be Microsoft?s security visionary and evangelist in their assigned region and help to position Microsoft as principal thought leader for cybersecurity. He or she will be responsible for regularly engaging with the security industry through public speaking, standards development, and advanced research. The Executive Security Advisor will also directly support the local sales team in advancing sales opportunities by leveraging their network and credibility and by becoming a trusted advisor to the CISO?s within their region. The Executive Security Advisor will also play a lead role in generating concepts for new Microsoft security and compliance solutions and features. Finally, the Executive Security Advisor will be the regional subject matter expert on security, privacy, and regulatory compliance to sales, marketing, product development, legal and policy teams. He or she will support local sales teams in pursuit of key business opportunities and directly engaging customers in both large and highly regulated environments to address trust concerns. The role involves working as part of a small global team, and although regionally based, the person hired will also support colleagues in other geographies. It is envisioned that the role will involve up to 40% travel, with some global travel required. Successful candidates will work closely with ECG Sales Team personnel, the ECG service delivery teams, local sales & services account teams, public sector and industry teams, legal and corporate affairs, product engineering, and the Digital Crimes Unit to pursue corporate priorities. **Responsibilities** The Executive Security Advisor will be at the forefront of driving Microsoft?s cloud security strategy and compliance and on point for: **Cloud Risk and Compliance** + Working directly with Office 365, Azure, and Windows engineering and marketing teams to resolve and/or devise mitigation strategies on security and compliance blockers + Removing cloud security & compliance blockers within strategic accounts + Mentoring/coaching regional field sellers on new cloud compliance and risk capabilities + Scaling and landing the Office 365 and Azure Trust and compliance messages and best practices in the field + Developing and sharing security and compliance best practices with strategic customers + Differentiating Microsoft?s Intelligent Cloud products and services through their security & compliance capabilities + Securing marquee deals in regulated industries - e.g. banking and insurance, healthcare, government + Assisting the local Account Teams and Specialist Team Units in developing their own skills/readiness, scaling sales opportunities with GBB teams, and developing corresponding best practices **Security Strategy and Advising** + Positioning & evangelizing Microsoft as principal thought leader for cybersecurity within region + Working to become an extension of our strategic customer?s security teams by routinely providing them with security advice, guidance, and recommendations for their digital transformation initiatives and helping them safely move workloads to the cloud + Working closely with the ECG Detection and Response Team to assist with incident response and Cyber Operations Services within strategic accounts + Informing Microsoft?s long-range strategic vision and product roadmap for security and compliance, and facilitating the entry of new security and compliance product concepts to market + Supporting ECG Sales, Services, and Partnership activities + Supporting key account teams & partners in region on cybersecurity matters + Being the public cybersecurity face of Microsoft in region and the face of ECG + Supporting key cross-company objectives and delivery of cyber threat assessments and workshops in region + Enabling the field with the Microsoft Security and compliance story through community channels, training events and programs + Identifying and resolving cybersecurity blockers to sales & consumption + Supporting selected global & regional cybersecurity initiatives + Providing expert consulting on sensitive relationship and technology issues. + Engaging with governments and regulators on cybersecurity, technical policy, and innovation **Qualifications** + A career profile that will enable the candidate to be a credible security evangelist and advisor to C-level executives + 5+ years of experience and direct responsibility for developing security strategies for companies and/or governments and for overseeing the implementation and execution of said strategies, especially as a Chief Information Security Officer (CISO), SOC Director, Chief Risk Officer, Enterprise Security Architect, or Cloud Security Architect + 5+ years of experience developing strategies and architectures for securing cloud workloads, including productivity SaaS applications and IaaS and PaaS workloads + Deep understanding of security controls at the systems, network, and application level. Strong knowledge of ISO 27001, SOC 2/3 audit, FedRamp, HIPPA, GDPR, and risk management experience (e.g., ENISA) + Broad information security competency, covering access control, network security, SDL, cryptography, key management, hardware security modules, security architecture and design, operations security, legal/risk/compliance, and physical security + Have or willing to obtain detailed understanding of Microsoft 365 and Azure security frameworks, all service-level security capabilities (including details of defense-in-depth implementation ? data encryption, data isolation, lock box, customer key, datacenter security, etc.), and all customer controls (identity & access management, RMS, encryption, etc.) + Have or willing to obtain detailed understanding of Microsoft 365 and Azure compliance frameworks, current compliance status for industry standard security & audit frameworks (such as ISO27001, HIPAA, SSAE16, FISMA, NIST, etc.), and compliance features + Executive maturity - ability to develop and maintain relationships with senior leaders both within customers and MSFT, up to and including C-level executives + Well-developed ability to influence without authority to drive change + Strong oral & written communication skills, strong influencing skills, experience in public speaking to large and small audiences. + Experienced & credible communicator who can cast security in the language of the business, discussing Microsoft?s security strategy to C-level executives and senior government representatives. + Experience of working in a global environment, geo-politically aware, sensitive to different government sentiments towards Microsoft + Deep and broad knowledge of security issues & trends, able to articulate the high-level Microsoft security strategy to both technical & non-technical audiences + Expert knowledge on cyber threats, regulations, and emerging security technologies + CISSP certification preferred, or willing to become certified within one year of employment + Able to meet the travel requirements of the role Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: + Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Keywords: Microsoft Corporation, San Francisco , Executive Security Advisor (NYC and Other, US), Other , San Francisco, California