|Job Type:||Full Time|
Microsoft is on a mission to empower every person and every organization on the planet to achieve more. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. Growth mindset encourages each of us to lean in and learn what matters most to our customers, to create the foundational knowledge that enables us to make customer-first decisions in everything we do. In doing so, we create life-changing innovations that impact billions of lives around the world. You can help us achieve our mission.
Microsoft Federal delivers a single unified organization centered around our customer: All critical customer functions are brought under the same organizational umbrella. Bringing together the breadth and depth in our space with a razor sharp focus on serving the U.S. Government. Our federal customers’ expectations of how to contract, interact, and partner with us are changing, and they need to evolve at the pace of the private sector. Launching a nimble, empowered organization with comprehensive resources allows us to work hand in hand with our customers to accelerate their technology innovation, whether through R&D or through direct contracting.
Microsoft Federal serves the U.S. Government (USG), allowing Microsoft to support the growing government business. The organization supports the capabilities and requirements to service USG through direct sales, contracting, and billing with the USG. Microsoft Federal entity will meet obligations of manage contracts with the USG through six business teams and three enablement teams.
We are committed to empowering our teams, building upon our strategic investments, and delivering the technology to achieve federal missions. As our federal customers pursue their work, from defending the nation, to serving its citizens in challenging times, they look to Microsoft to help them innovate, and they expect end-to-end engagement tailored to their needs.
Microsoft has been committed to and continues to heavily invest in supporting our Federal Government. Microsoft Federal offers our full spectrum of products and services, including hardware, software, online products, and consulting and services.
Join us and be one who helps to empower the US government! That’s incredible reach. When you combine that with your own inspiration, plus the freedom and support to make your ideas happen, you can make a huge impact.
We are looking for an energetic self-starter that can perform, and review technical security assessments of cloud computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations and recommended mitigation strategies. Be passionate about ensuring the security of multiple organization's classified and unclassified cloud information systems. Development of IT security policies and standards for multiple federal agencies. Be able to work with other teams across the organization to gain an in-depth understanding of system architectures and cloud system configurations. Be a passionate and open communicator with taking complex concepts and tailoring them to the audiences from engineers to executive leadership.
The ideal candidate will have advanced experience in the federal Authority to Operate (ATO) process, with a minimum of 8 years of experience. Able to guide customers through a seamless accreditation process using experience, tools, and effective communication of cloud security posture. In depth understanding of artifact creation, eMASS, Xacta, POA&M as well as creation and validation of SSP creation for unique mission applications.
The ideal candidate will have a passion for the customer, which is demonstrated through professionalism. The role requires an individual, who can thrive in ambiguity, is self-motivated, resourceful, confident under pressure, and has demonstrated skilled expectation management. Ability to pivot mid workstream as well as juggle multiple accreditation packages across multiple customers will be a must have skill.
- In-depth knowledge of firewall (packet filtering, application level gateway, next generation) configurations within a cloud environment
- Deep understanding of Intrusion Detection Systems (IDS) to identify security issues for remediation and reporting
- Identify and develop mitigation strategies for cybersecurity threats and security vulnerabilities
- Evaluate configuration changes and their impact to the security posture of multiple enterprise cloud solutions
- Analyze Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP)
- Assess Risk Management Framework (RMF) NIST 800-53 R4 Information Assurance Controls
- Assess and assist with implementation recommendations of countermeasures or mitigating controls
- Ensure the integrity and protection of networks, systems, and applications by technical enforcement of Enterprise security policies, through monitoring and analysis of vulnerability scans and system log information
- Perform documentation requirements for periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance
- Prepare incident reports of analysis methodology and results
- Provide guidance and work leadership to less-experienced technical staff members and customers
- Interpret results from network/server/application scanning tools such as Tenable Nessus, Checkmarx and Fortify
- Interpret, document, and advise customers on emerging security, governance, and continuous monitoring policies
- Articulate cybersecurity risk to senior leadership and provide recommendations for remediation/risk acceptance
- Develop and/or support the successful development of cybersecurity processes and procedures
- Deep understanding of NIST RMF Steps 1-6
- Ability to explain inheritance models and resources
- CompTIA Security+ CE
- Risk Management Framework (RMF) Knowledge
- FedRAMP inheritance model
- Body of Evidence creation and review for complex cloud systems
- Knowledge of, and practical experience with the NIST Special Publications 800 Series, CNSSI 1253, and DoD 8500, FIPS 199 and FIPS 200
- Experience with cloud network technologies and the ability to demonstrate knowledge of protocols, communications systems, and architectures
- Bachelor’s degree in Cybersecurity
The successful candidate must be a U.S. Citizen. Citizenship Verification: This position requires verification of US Citizenship to meet federal government security requirements.
The successful candidate must have an active U.S. Government Secret Security Clearance. Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. Failure to maintain or obtain the appropriate clearance and/or customer screening requirements may result in employment action up to and including termination.
Clearance Verification: This position requires successful verification of the stated security clearance to meet federal government customer requirements. You will be asked to provide clearance verification information prior to an offer of employment.
Cloud Screening: Candidates must be able to successfully complete and pass a Microsoft Cloud background screening. Required Cloud Screenings will be administered on a recurring bi-annual basis.
Optional Skills (Preferred)
- CISSP or other similar information security certification
- Master’s Degree in Cybersecurity
- Prior DOD ISSM, ISSO or ISSE
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.