Senior Security Engineer

Senior Security Engineer

05 Oct 2024
Washington, Redmond, 98052 Redmond USA

Senior Security Engineer

Security represents the most critical priority for customers in the world awash in digital threats, regulatory scrutiny, and technical complexity. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate.The Azure AI Platform security team is seeking a Senior Security Engineer to help us safely usher in the next frontier in AI technology. If you have experience performing security assessments, penetration testing, threat modeling in cloud computing environments, and you are eager to secure the future of AI, we would love to speak with you! In this role, you'll partner with product engineering teams to assess the security of their services and ensure that we live up to our security promises. You'll plan and manage your own security engagements, from enumerating the attack surface, setting up a test environment, evaluating the design and testing the implementation for security deficiencies, and providing your findings and recommendations for remediation. As you discover systemic issues and anti-patterns, you will be empowered to propose and drive solutions that raise the security bar across multiple services by eliminating entire vulnerability classes. You should be comfortable reading and understanding code to analyze implementations for potential security vulnerabilities and inform your penetration testing. Familiarity with common web penetration testing tools such as Burp Suite or other intercepting proxies will be necessary. As you dive deep into a given service, you will examine all layers of the OSI stack for the service, ranging from the web UI, the API, the cloud environment, cluster orchestration, and Linux-based nodes and containers. You'll have the opportunity to amplify your impact by suggesting product improvements that provide customers with a paved path to security by default. Because of the breadth and depth of this role, we do not necessarily expect candidates to have deep experience in all relevant dimensions of the security stack, and security engineers new to the AI space are encouraged to apply. We seek well-rounded individuals, and we leverage each other as appropriate to create a well-rounded team. While technical fundamentals are important, the ability to navigate both technical and organizational ambiguity, go deep in unfamiliar domains, independently develop subject-matter expertise, and build trust with partner teams will be required to succeed in this role. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.Responsibilities

Use subject matter expertise to identify potential security issues, tools, mitigations, and processes (e.g., architecture, failure modes, attack chain, threat modeling, vulnerabilities).

Analyze complex issues using multiple data sources to identify security problems.

Create new solutions to mitigate security issues; Help to drive resolution for systemic security issues.

Effectively communicate security defects to stakeholders at various levels.

Work as an effective and inclusive team player, sharing and learning from others.

Other

Embody our culture and values

QualificationsRequired/Minimum Qualifications:

5+ years experience in software development lifecycle, large scale computing, modeling, cybersecurity, anomaly detection

OR bachelor's degree in computer science,Cybersecurity, or related field

OR equivalent experience.

5+ years experience performing security assessments and penetration testing

3+ years experience securing cloud computing environments

3+ years experience with one or more of C#, Python, Rust, or JavaScript, PowerShell

Other Requirements

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:

This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter

Security Assurance IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-payMicrosoft will accept applications for the role until October 25, 2024.#DSR #MSFTSecurity #SHPE24MSFTMicrosoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .

Related jobs

  • Microsoft is a company where passionate innovators come to collaborate, envision what can be and take their careers further. This is a world of more possibilities, more innovation, more openness, and the sky is the limit thinking in a cloud-enabled world.

  • Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

  • More than ever before, cloud services are transforming the way the world does business. As you’ve probably heard, Microsoft is committed to being cloud-first, and with several multi-billion dollar services already serving the needs of individuals and organizations all over the globe, the opportunity to shape the future has never been greater!

  • More than ever before, cloud services are transforming the way the world does business. As you’ve probably heard, Microsoft is committed to being cloud-first, and with several multi-billion dollar services already serving the needs of individuals and organizations all over the globe, the opportunity to shape the future has never been greater!

  • More than ever before, cloud services are transforming the way the world does business. As you’ve probably heard, Microsoft is committed to being cloud-first, and with several multi-billion dollar services already serving the needs of individuals and organizations all over the globe, the opportunity to shape the future has never been greater!

  • Senior Electrical Engineer

  • The Documentation Platform team operates platforms to manage engineering documentation for teams across Microsoft. We exist to make the process of writing and accessing engineering documentation a delightful experience for engineers, and we believe in the power of great documentation technology to enable engineering excellence.

Job Details

Jocancy Online Job Portal by jobSearchi.