Grant Bugher Email & Phone Number

Kirkland, WA, US

Seattle, Washington, US

• Head of security for Outreach products, services, and underlying infrastructure. Define and own security roadmap, budget, and KPIs. Create quarterly, annual and long-term security and risk management goals, strategies.
• Hired and led a mostly-remote workforce of security engineers and TPMs while developing a comprehensive product and application security function from the ground up. Led implementation of SAST, SCA, security.
• Represented Outreach on frequent direct customer interactions, as well as authoring whitepapers and marketing material representing Outreach's security posture and features. Contributed to acquisition of several.

San Francisco, California, US

• Head of product security for Twitch products and services. Built a comprehensive product and application security function for both internal and 3rd-party development, including hiring the team and creating policies.
• Replaced a review-checkpoint model of application security with a comprehensive security lifecycle, including threat modeling, code analysis, and automation, with education and tools to allow engineering teams to.
• Used metrics, KPIs, and reporting to drive a massive reduction in technical debt, reducing known Severity 1 and 2 vulnerabilities from over 200 to zero.

Redmond, WA, US

• Head of product & application security for the Skype for Business and Microsoft Teams products.
• Developed a security engagement model designed for Skype's agile development methodologies, implementing threat models, design assessments, and security code reviews for Skype for Business and Microsoft Teams features.
• Coordinated security incident response and remediation for incidents in all of Skype's Enterprise products and services.

Redmond, Washington, US

• Formed, hired, and led security architecture and advisory program for all Microsoft online services businesses including Microsoft 365, Microsoft Azure, Bing, and Microsoft Account.
• Hired and mentored a high-performing team of security engineers and architects. Developed a resilient team structure with advancement opportunities and career paths for team members.
• Pioneered Operational Security Assurance, a multi-year program for assuring operational security in a web-scale, heterogeneous environment with clear standards and an assessment, verification, and remediation process..
• Managed multiple cross-disciplinary programs and projects across multiple years and releases while maintaining high performance in each, including an assurance and verification process, long-term dedicated consulting.
• Developed reference architecture for Microsoft’s Sovereign Cloud programs, designing an environment to meet rigorous compliance obligations (FIPS, FISMA and FedRAMP) for government customers while maintaining service.
• Drove governance process for Sovereign Cloud deployments, bringing together data on business impact across multiple products to a senior leadership team for governance and risk management and negotiating with executive.

Redmond, Washington, US

• Owner of the Security Development Lifecycle (SDL) program for online services at Microsoft.
• Created a risk-based application security program for cloud and online applications, both for within Microsoft and for Microsoft's external SDL publications, based on the Security Development Lifecycle used for.
• Directly managed a million-dollar budget and 12-person team, as well as setting security requirements and responsibilities for security engineers across over 200 product teams.
• As a member of Microsoft's SDL Development core team, led efforts to make the Security Development Lifecycle appropriate to fast-paced online services, agile methodologies, and continuous deployment.
• Advised ISC2 on exam questions for the CSSLP certification as an industry expert on security development lifecycles.

Seattle, Washington, US

Redmond, Washington, US

Redmond, Washington, US

B.S., Computer Information Systems, Business Process Management, Entrepreneurship

B.A., Political Science