In my first post whoami I mentioned that that I am a PM on the DDCPX team handling the release and distribution channels. I mentioned that I took up this position to replace another team member who moved to a different team.

Well, lightning does strike the same place twice sometimes. Shortly after I took on this role, another team member who was the primary Security PM for the division moved elsewhere, and I was given an opportunity which I just had to grab.

Microsoft releases fixes for security vulnerabilities in its products via security bulletins on a day folks outside Microsoft refer to as Microsoft Patch Tuesday. This is (almost) always the second Tuesday of every month. Each division has a Security PM, and the role I have picked up is Security PM for the Developer Division.

So what does the Security PM do ? He or she is responsible for security updates for the division. In my case, this means that when there is a security vulnerability reported in any product coming out of the Developer Division (e.g. Visual Studio, .Net Framework, etc), I would be the first point of contact for the MSRC team which handles and is ultimately responsible for all security updates company wide. I would need to identify the appropriate owner(s) for the vulnerable component/dll, work with the teams to anlayze the issue and  prioritize, implement a fix, and simultaneously work with the MSRC team for the release of this update to the general public. Yup, that means I expect to live and breath by Microsoft Patch Tuesday schedules.

In the short term, I continue to handle the release distribution channels I picked up earlier, but I expect to hand that over to another team member.