CrawlJobs Logo
Microsoft Corporation Logo Microsoft Corporation · IT - Software Development

Senior Security Program Manager

United States, Redmond Employment contract 119800.00 - 234700.00 USD / Year · Job Posted April 23, 2026
Apply Position
Job Link Share

Job Description

The Microsoft Windows Security team is responsible for protecting billions of Windows devices by driving platform‑level security, risk reduction, and resilient-by-design engineering across the Windows ecosystem. We are seeking a Senior Security Program Manager to lead our end‑to‑end security assurance effort including security compliance, risk assessment, and supporting our vulnerability research and security tooling efforts across Windows. This role sits at the intersection of platform security architecture, threat intelligence, vulnerability discovery, and execution, with broad influence across Windows engineering and other internal and external security assurance and research partners. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees, we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Job Responsibility

  • Drive the Windows EnS security risk assessment framework by executing systematic identification, prioritization, and tracking of security risks across OS, firmware, silicon, drivers, and ecosystem dependencies
  • Partner deeply with engineering, architecture, and threat intelligence teams to translate emerging threats, vulnerability trends, and attacker techniques into clear, actionable insights and platform improvements
  • Execute and evolve the security assurance process for Windows teams, enabling a scalable, risk-based approach that supports shared responsibility while ensuring consistent security review coverage and compliance
  • Lead cross-team security initiatives and coordination by driving planning, aligning stakeholders, and ensuring effective PM coverage across key areas of the team’s charter
  • Influence without authority by building solid partnerships across EnS security engineering and partner teams, ensuring alignment on priorities, risks, and mitigation strategies
  • Deliver end-to-end execution on high-impact security efforts, from problem definition through implementation, tracking measurable outcomes and continuously improving processes

Requirements

  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in security or related field
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 8+ years experience in security or related field
  • OR equivalent experience
  • Ability to create clarity, energy, and cohesion across the team
  • Ability to influence and drive security initiatives across groups
  • 10+ years of experience in a software engineering or security-related engineering
  • Demonstrated experience in security research, especially around vulnerability discovery
  • Experience exploiting bugs and bypassing security mitigations in operating systems
  • Familiarity with Microsoft Windows architecture

Nice to have

  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in security or related field
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 8+ years experience in security or related field
  • OR equivalent experience
  • Ability to create clarity, energy, and cohesion across the team
  • Ability to influence and drive security initiatives across groups
  • 10+ years of experience in a software engineering or security-related engineering
  • Demonstrated experience in security research, especially around vulnerability discovery
  • Experience exploiting bugs and bypassing security mitigations in operating systems
  • Familiarity with Microsoft Windows architecture

What we offer

Certain roles may be eligible for benefits and other compensation

Microsoft Corporation - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Security Program Manager

8 matching positions

Senior Security Program Manager

Join Microsoft’s Specialized Clouds Security Fundamentals team! We are at the fo...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Foundational understanding of security principles, cloud technologies, and program management practices
  • Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations
  • Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.)
  • Demonstrated ability to translate customer or stakeholder needs into actionable requirements
  • Written and verbal communication skills, with the ability to clearly convey technical concepts to diverse audiences
  • Proven collaboration skills, including working effectively in cross-functional teams and building trusted relationships
  • Ability to manage multiple priorities, meet deadlines, and follow through reliably on commitments
Job Responsibility
Job Responsibility
  • Assist in assessing detection coverage by helping gather, analyze, and document inventory, telemetry, and detection data across cloud environments to identify gaps and inconsistencies
  • Contribute to detection development and tuning by researching incidents, attacker techniques, and analyst findings to develop durable detection strategies across the entire kill-chain
  • Collaborate with engineers and analysts to support testing, validation, and refinement of detection and response capabilities in cloud and containerized environments
  • Demonstrate strong organizational skills, clarity in communication, and reliability in execution
  • Stay current on security trends, regulatory changes, and best practices, and advocate for innovation and continuous improvement in security programs
  • Drive cross-division alignment among product teams to improve security posture of Microsoft's Specialized Clouds
  • Fulltime
Read More
Arrow Right

Senior Security Program Manager

We are seeking a skilled and detail-oriented Senior Security Program Manager, Pu...
Location
Location
United States , New York
Salary
Salary:
160400.00 - 259150.00 USD / Year
ramp.com Logo
Ramp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in information security or compliance, with a focus on government and public sector regulatory frameworks (e.g., FedRAMP, GovRAMP, FISMA, NIST RMF)
  • Knowledge of NIST SP 800-53 and experience mapping controls across frameworks
  • Experience with cloud environments like AWS GovCloud or Azure Government, including implementation of compliant architectures
  • Proven ability to manage large-scale compliance programs across diverse stakeholder groups
  • Demonstrated success developing and maintaining regulatory documentation and audit evidence
  • Experience leading engagements with internal teams, assessors, and government partners
  • Strong written and verbal communication skills, including translating between technical and executive audiences
  • Excellent organizational skills and the ability to manage multiple initiatives with competing priorities
  • Self-starter with strong problem-solving abilities in ambiguous, fast-moving environments
Job Responsibility
Job Responsibility
  • Lead all aspects of the compliance lifecycle across multiple public sector frameworks (e.g., FedRAMP, GovRAMP), including risk assessments, continuous monitoring, audits, and authorization management
  • Drive complex cross-functional program management efforts involving teams across security, legal, engineering, infrastructure, and product functions
  • Serve as a subject matter expert on risk management and regulatory compliance for federal, state, and local government environments
  • Develop and maintain comprehensive security documentation aligned with applicable frameworks, including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and data flow diagrams
  • Monitor compliance with control requirements (e.g., NIST 800-53, GovRAMP Baselines) and coordinate the implementation of technical and procedural safeguards
  • Engage with third-party assessors (3PAOs or independent assessors), government sponsors, and internal teams to support assessments and audits
  • Lead readiness assessments and support the prioritization of remediation activities across teams
  • Manage timely tracking and closure of vulnerabilities and findings
  • ensure reporting and documentation obligations are met
  • Provide risk-informed compliance recommendations that influence infrastructure and product development decisions
What we offer
What we offer
  • 100% medical, dental & vision insurance coverage for you
  • Partially covered for your dependents
  • One Medical annual membership
  • 401k (including employer match on contributions made while employed by Ramp)
  • Flexible PTO
  • Fertility HRA (up to $10,000 per year)
  • Parental Leave
  • Unlimited AI token usage
  • Pet insurance
  • Centralized home-office equipment ordering for all employees
  • Fulltime
Read More
Arrow Right

Senior Security Program Manager

As a Senior Security Program Manager, you will drive execution of Keyrock’s high...
Location
Location
Salary
Salary:
Not provided
keyrock.com Logo
Keyrock
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years in security program management / technical program management / security operations program delivery
  • Demonstrated experience running cross-functional programs across engineering and operations (scope, schedule, risks, dependencies)
  • Strong technical fluency in cloud/infra, identity/access, vulnerability management, security monitoring, and incident processes
  • Excellent written/verbal communication with the ability to translate complex risk into clear priorities
Job Responsibility
Job Responsibility
  • Own a portfolio of security programs (planning, resourcing, milestones, dependencies, risk/issue management, and outcomes)
  • Create and maintain multi-quarter roadmaps aligned to Keyrock’s business and operating model across venues and services (CEX/DEX and liquidity services)
  • Establish governance and operating cadence: steering meetings, status reporting, program reviews, and executive updates
  • Support the CISO in delivering firmwide initiatives
  • Partner with Security and Engineering teams to drive key initiatives such as: access governance, secrets management, vulnerability remediation, security logging/monitoring improvements, endpoint/security baseline, and secure SDLC enablement
  • Help mature control coverage and evidence for internal/external assurance needs (as applicable in a financial-services context)
  • Partner with the Director of GRC to support GRC and audit initiatives
  • Partner with Security Operations to improve incident preparedness through playbooks, tabletop exercises, lessons learned, and operational runbooks—ensuring security response stays effective in a high-availability trading environment
  • Act as the “glue” across technical and business stakeholders—clarifying ownership, unblocking delivery, and keeping programs moving with crisp communication
  • Build lightweight, scalable processes that improve security consistency without slowing teams
  • Fulltime
Read More
Arrow Right

Senior Security Program Manager

Join Microsoft’s Specialized Clouds Security Fundamentals team! We are at the fo...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
Job Responsibility
Job Responsibility
  • Partner with engineering and product teams to ensure security requirements are met at scale, leveraging automation and scalable solutions
  • Translate requirements into actionable product requirements and security controls
  • Drive programs focused on deep security engagements, scalable security enforcement, scenario ownership, and integrated scanning solutions
  • Collaborate across teams to align priorities, deliverables, and milestones, ensuring security is embedded throughout the product lifecycle
  • Build trusted relationships with internal and external stakeholders
  • Effectively manage expectations, communicate clearly, and follow through on commitments to drive alignment and build confidence in security outcomes
  • Demonstrate strong organizational skills, clarity in communication, and reliability in execution
  • Stay current on security trends, regulatory changes, and best practices, and advocate for innovation and continuous improvement in security programs
  • Drive cross-division alignment among product teams to improve security posture of platform and services
  • Effectively communicate the security strategy with partners in Microsoft
  • Fulltime
Read More
Arrow Right

Senior Security Program Manager

We’re hiring a senior Sr Security Program Manager to contribute to and mature an...
Location
Location
United States , Buffalo
Salary
Salary:
155000.00 - 195000.00 USD / Year
acvauctions.com Logo
ACV Auctions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years experience building and operating security programs in SaaS / marketplace / fintech / large data platforms
  • Demonstrable ownership across AppSec, SecOps, and Corporate Security domains
  • Experience optimizing and helping vulnerability management and incident response programs mature with measurable SLAs (MTTR, remediation windows)
  • Track record of influencing engineering/product leadership and delivering security as a business enabler (not a blocker)
  • Strong program management skills: roadmap creation, cross-functional timelines, budget stewardship, vendor selection and contract negotiation
  • Excellent written + verbal communication
  • experience preparing executive risk briefings and board-level security summaries
  • Bachelor’s degree in CS, Engineering, Information Security, or commensurate experience (5+ years) working in a similar role
Job Responsibility
Job Responsibility
  • Work with stakeholders to create a unified security program roadmap covering Product Security, SecOps, and Enterprise Security
  • Translate risk appetite into prioritized initiatives, funding opportunities, and measurable outcomes
  • Define and publish security KPIs/OKRs as dashboards to various internal audiences
  • Use data to support visibility and continuous improvement
  • Work with security teammates to collectively drive programs partnering with Product, Engineering, and DevOps to embed AppSec into the SSDLC
  • Partner with Operational leads to drive maturity through the creation of requirement frameworks including documented procedures, incident response playbooks, and runbooks
  • Collaborate with Legal, Privacy, and GRC teams to ensure enterprise controls align with SOC 2 and other industry standard framework requirements
  • Partner directly with the CISO to ensure top initiatives are well-planned, resourced, and delivered
  • Identify gaps, improve processes, and support the development of scalable frameworks
  • Drive cybersecurity initiatives from planning through delivery
What we offer
What we offer
  • Multiple medical plans including a high deductible, low cost health plan
  • Company-sponsored (paid) Short-Term Disability, Long-Term Disability, and Life Insurance
  • Comprehensive optional benefits such as Dental, Vision, Supplemental Life/AD&D, Legal/ID Protection, and Accident and Critical Illness Insurance
  • Generous paid time off options, including uncapped vacation days, the greater of 3 paid sick days or in accordance with the applicable state or local paid sick leave law, 6 paid company holidays, 2 floating holidays, parental leave, bereavement leave, jury duty leave, voting leave, and other forms of paid leave as required by applicable law or regulation
  • Employee Stock Purchase Program with additional opportunities to earn stock in the Company
  • Retirement planning through the Company’s 401(k)
  • Fulltime
Read More
Arrow Right

Program Manager III - Survivability Mission Systems Senior Program Manager

In Countermeasure & Electromagnetic Attack Solutions, we provide next-generation...
Location
Location
United States , Hudson, New Hampshire
Salary
Salary:
150370.00 - 255630.00 USD / Year
baesystems.com Logo
Baesystems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven program management experience leading large programs and groups of employees and/or teams
  • Outstanding customer relationship skills
  • Experience executing programs using earned value management techniques and metrics
  • Strong proposal management skills and experience
  • Ability to collaborate with multi-functional teams across business areas
  • Ability to negotiate at a high level with internal and external customers and partners, strong collaboration skills
  • Problem Solving Ability: Requires advanced conceptual thinking in complex and/or completely new situations
  • Time management and prioritization skills
  • Excellent written and oral communication skills with experience presenting to senior leaders and customers
  • Strong leadership, coaching and mentoring skills with the ability to achieve results through others
Job Responsibility
Job Responsibility
  • Manages, coordinates, plans, organizes, controls, integrates, and executes elements of a large development program and/or other production/support projects/programs within the SMS portfolio
  • Driving to achieve our financial, schedule, technical, and new business performance objectives
  • Lead by example, foster an inclusive and collaborative culture, and maintain our unwavering commitment to ethical behavior, safety and security
What we offer
What we offer
  • health, dental, and vision insurance
  • health savings accounts
  • a 401(k) savings plan
  • disability coverage
  • life and accident insurance
  • employee assistance program
  • legal plan
  • discounts on things like home, auto, and pet insurance
  • paid time off
  • paid holidays
  • Fulltime
Read More
Arrow Right

Senior Corporate Security Program Manager, Standards, Design, Compliance

At T-Mobile, Corporate Security protects what matters most — our people, our ass...
Location
Location
United States , Overland Park
Salary
Salary:
83500.00 - 150700.00 USD / Year
https://www.t-mobile.com Logo
T-Mobile
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in a related field or equivalent professional experience
  • 4-7 years’ experience in commercial electronic security systems design, auditing, inspections, or policy management
  • Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, Outlook) and comfort using databases and technology platforms
  • Strong attention to detail with critical thinking, problem-solving, and organizational skills
  • Excellent written and verbal communication abilities
  • Ability to work independently, manage priorities, and meet deadlines
  • Experience with Software House C-Cure 9000 and/or AMAG Symmetry access control systems
  • Experience in audit and assessment processes, and developing policy and procedure documentation
  • Ability to travel up to 40%
  • At least 18 years of age
Job Responsibility
Job Responsibility
  • Conduct and document physical security assessments at T-Mobile facilities, commercial offices, and other facility locations
  • Identify security gaps and vulnerabilities
  • initiate and track corrective actions with appropriate partners through resolution
  • Develop and maintain physical security design plans, including placement of access control, intrusion detection, CCTV, and emergency alerting systems for new builds and retrofit projects
  • Assist in drafting, updating, and maintaining security policies, standards, and guidelines
  • Support monthly badge office compliance audits across the enterprise
  • Collaborate with cross-functional partners and integrators to ensure security systems are implemented and maintained to standard
  • Maintain a strong working knowledge of physical security system operations and programming
What we offer
What we offer
  • Competitive base salary and compensation package
  • Annual stock grant
  • Employee stock purchase plan
  • 401(k)
  • Access to free, year-round money coaches
  • Medical, dental and vision insurance
  • Flexible spending account
  • Employee stock grants
  • Employee stock purchase plan
  • Paid time off
  • Fulltime
Read More
Arrow Right

Senior Technical Program Manager, Security

We’re looking for a Security Technical Program Manager (TPM) to lead Webflow’s S...
Location
Location
United States; Canada; Argentina , Remote
Salary
Salary:
128000.00 - 217000.00 USD / Year
webflow.com Logo
Webflow
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3-4 years of program or project management experience in technical domains such as security, infrastructure, or DevOps
  • Experience coordinating cross-functional delivery between engineering, security, and operations teams
  • Comfortable working with vulnerability management tools and workflows (e.g., Socket, container scanning, SCA, Jira)
  • Strong organizational skills
  • Communicate clearly and with empathy
  • Understand the importance of balancing speed with security
  • Have experience improving or building processes that make vulnerability management more scalable and predictable
  • Take ownership of your work
  • Thrive in ambiguity
  • Are curious about how security and engineering systems fit together
Job Responsibility
Job Responsibility
  • Coordinate security-wide planning across teams — tracking dependencies, aligning on priorities, and maintaining roadmap visibility
  • Lead the end-to-end Vulnerability Management lifecycle, from discovery to remediation
  • Manage stakeholder communication, and cross-functional alignment
  • Partner with Engineering to ensure vulnerability ownership, ticket quality, and remediation clarity
  • Experience with AI tooling and workflow automation to better drive efficiency
  • Maintain and improve Jira workflows for vulnerability and security ticketing
  • Develop and publish vulnerability metrics and dashboards for visibility and accountability
  • Identify and resolve process bottlenecks
  • drive continuous improvement in the vulnerability lifecycle
  • Collaborate with SMEs in AppSec and SecDevOps to maintain full scanning and tooling coverage (e.g., Socket, container scanning, SCA)
What we offer
What we offer
  • Ownership in what you help build. Every permanent Webflower receives equity (RSUs) in our growing, privately held company
  • Health coverage that actually covers you. Comprehensive medical, dental, and vision plans for full-time employees and their dependents, with Webflow covering most premiums
  • Support for every stage of family life. 12 weeks of paid parental leave for all parents and 6+ weeks of additional paid leave for birthing parents. Plus inclusive care for family planning, menopause, and midlife transitions
  • Time off that’s actually off. Flexible vacation, paid holidays, and a sabbatical program to help you recharge and come back inspired
  • Wellness for the whole you. Access to mental health resources, therapy and coaching
  • Invest in your future. A 401(k) with 100% employer match (up to $6,000/year) in the U.S., and support for retirement savings globally
  • Monthly stipends that flex with your life. Localized support for work and wellness expenses — from Wi-Fi to workouts
  • Bonus for building together. All full-time, permanent, non-commission employees are eligible for our annual WIN bonus program
  • Fulltime
Read More
Arrow Right