Overview
On Site
USD 119,800.00 - 234,700.00 per year
Full Time
Skills
Artificial Intelligence
Leadership
Microsoft Office
Collaboration
Accountability
Design Analysis
Quantitative Analysis
Software Design
Threat Modeling
Software Development
Modeling
Cyber Security
Software Engineering
C#
Java
C++
JavaScript
TypeScript
Assembly
Ruby
Python
Golang
Scripting
SQL
Management
Statistics
Mathematics
Computer Science
Computer Networking
Database Administration
Big Data
Microsoft Azure
Cloud Computing
Pick
Internal Communications
Integrated Circuit
IC
Penetration Testing
Legal
Recruiting
Microsoft
Job Details
The Cloud & AI organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.
We are looking for a reliable and collaborative Senior Security Engineer with excellent judgment and a well-rounded background in security and software engineering to help tackle complex security challenges in Azure through a data - and product-driven lens. In this role, you will advance security by working with other Security Engineers, Program and Product Managers, Developers, and business leaders throughout Microsoft to turn individual findings and vulnerabilities into patterns and insights that can be measured and managed through engineering, automation, and other appropriate mitigations. You will provide technical security leadership both inside and outside of Microsoft and stay on top of current developments for the benefit of Microsoft products and services.
This is a US-based role and a flexible work opportunity that can be fully remote, hybrid, or full-time onsite.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Responsibilities:
Vulnerability discovery, variant hunting, and penetration testing: Using the best available and most appropriate methodologies - such as threat modeling, penetration testing, security design analysis, fuzzing, SAST and DAST - you will conduct in-depth assessments of selected target systems in detail to identify vulnerabilities and weaknesses. You'll also perform variant hunting looking for larger patterns, conduct qualitative and quantitative analysis over those patterns, and drive solutions upstream in a data-driven, shift-left fashion.
Solution design and delivery: You will help design solutions for security problems, partner with service teams and other security stakeholders to ensure rapid adoption of solutions and mitigation of threats from beginning to end.
Threat modeling / Architecture reviews: You will review the design of services from a security perspective to identify vulnerabilities and weaknesses in the architecture, make appropriate recommendations, and guide teams to implement those recommendations.
Software Development: You will prototype and create tools and scanners to automate the discovery and prevention of vulnerabilities across Azure services.
Follow through and closure: You will partner with engineers, product and program managers, and leaders around the company to ensure the successful completion of work to address your findings.
Other : Embody our Culture and Values
Qualifications:
Required Qualifications:
Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field
OR equivalent experience.
3+ years of experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
3+ years of experience in a hands-on security role, with demonstrable software engineering skills.
3+ years of demonstrated coding skills in one or more popular languages and platforms - such as C#, Java, C++, JavaScript/Typescript, SQL, assembly, Ruby, Python, GoLang.
3+ years of technical experience with multiple classes of vulnerabilities - such as cross-site scripting, buffer overflows, SQL injection, TOCTOU (Time of Check Time of Use) vulnerabilities, crypt Save ographic weaknesses, insecure direct object references.
Preferred Qualifications:
Bachelor's Degree in Statistics, Mathematics, Computer Science. Engineering, or related field AND 8+ years experience in security or related field
OR Master's Degree in Statistics, Mathematics, Computer Science, Engineering or related field AND 6+ years experience in security or related field
OR equivalent experience.
Experience in technical disciplines outside the security space, including general software
development, networking, database management, big data and full-stack development.
Demonstrated knowledge and understanding of Microsoft Azure or competing cloud services.
Ability to pick up new languages, platforms, and frameworks platforms quickly.
Ability to communicate about them to technical and non-technical audiences.
Penetration Testing IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: ;br>
Microsoft will accept applications for the role until August 21, 2024.
#DevSec #VariantHunting #PenTesting
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
We are looking for a reliable and collaborative Senior Security Engineer with excellent judgment and a well-rounded background in security and software engineering to help tackle complex security challenges in Azure through a data - and product-driven lens. In this role, you will advance security by working with other Security Engineers, Program and Product Managers, Developers, and business leaders throughout Microsoft to turn individual findings and vulnerabilities into patterns and insights that can be measured and managed through engineering, automation, and other appropriate mitigations. You will provide technical security leadership both inside and outside of Microsoft and stay on top of current developments for the benefit of Microsoft products and services.
This is a US-based role and a flexible work opportunity that can be fully remote, hybrid, or full-time onsite.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Responsibilities:
Vulnerability discovery, variant hunting, and penetration testing: Using the best available and most appropriate methodologies - such as threat modeling, penetration testing, security design analysis, fuzzing, SAST and DAST - you will conduct in-depth assessments of selected target systems in detail to identify vulnerabilities and weaknesses. You'll also perform variant hunting looking for larger patterns, conduct qualitative and quantitative analysis over those patterns, and drive solutions upstream in a data-driven, shift-left fashion.
Solution design and delivery: You will help design solutions for security problems, partner with service teams and other security stakeholders to ensure rapid adoption of solutions and mitigation of threats from beginning to end.
Threat modeling / Architecture reviews: You will review the design of services from a security perspective to identify vulnerabilities and weaknesses in the architecture, make appropriate recommendations, and guide teams to implement those recommendations.
Software Development: You will prototype and create tools and scanners to automate the discovery and prevention of vulnerabilities across Azure services.
Follow through and closure: You will partner with engineers, product and program managers, and leaders around the company to ensure the successful completion of work to address your findings.
Other : Embody our Culture and Values
Qualifications:
Required Qualifications:
Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field
OR equivalent experience.
3+ years of experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
3+ years of experience in a hands-on security role, with demonstrable software engineering skills.
3+ years of demonstrated coding skills in one or more popular languages and platforms - such as C#, Java, C++, JavaScript/Typescript, SQL, assembly, Ruby, Python, GoLang.
3+ years of technical experience with multiple classes of vulnerabilities - such as cross-site scripting, buffer overflows, SQL injection, TOCTOU (Time of Check Time of Use) vulnerabilities, crypt Save ographic weaknesses, insecure direct object references.
Preferred Qualifications:
Bachelor's Degree in Statistics, Mathematics, Computer Science. Engineering, or related field AND 8+ years experience in security or related field
OR Master's Degree in Statistics, Mathematics, Computer Science, Engineering or related field AND 6+ years experience in security or related field
OR equivalent experience.
Experience in technical disciplines outside the security space, including general software
development, networking, database management, big data and full-stack development.
Demonstrated knowledge and understanding of Microsoft Azure or competing cloud services.
Ability to pick up new languages, platforms, and frameworks platforms quickly.
Ability to communicate about them to technical and non-technical audiences.
Penetration Testing IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: ;br>
Microsoft will accept applications for the role until August 21, 2024.
#DevSec #VariantHunting #PenTesting
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.