Principal Software Architect

The Cloud & AI organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.

We are seeking a highly experienced and strategic Principal Architect to join our Cyber Defense Engineering organization. This role is a senior individual contributor position focused on designing and evolving architectural frameworks and solutions that support our mission-critical cybersecurity capabilities. You will work across domains such as data platform engineering, multi-tenant security monitoring, security remediation, and incident response.

Cyber Defense Engineering (CDE) manages services which enable defense operations for Microsoft. Our Remit covers engineering for threat hunting, containment, investigations and security incident operations. We are a group of engineers and product managers partnering deeply with analysts to evolve our current suite of tools to operate at the speed and scale of internal threats.

As a Principal Software Architect, you will partner with engineering, operations, and product teams to define scalable, secure, and resilient architectures. You will also play a key role in shaping the future of our cyber defense capabilities by driving architectural decisions, evaluating emerging technologies, and ensuring alignment with compliance and operational requirements. In addition, you will lead the evolution of development practices across teams, introducing and championing modern methodologies and tools to enhance code quality, streamline deployment processes, and foster a culture of continuous improvement. Your expertise will help ensure that our systems are not only robust and scalable, but also consistently meet the highest standards for security and reliability.

Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities:

• Direct the design, development, and implementation of architectural frameworks for cybersecurity services, including:
  • Data platforms, detection pipelines, and incident response tools.
  • Scalable multi-tenant security monitoring and telemetry ingestion systems.
  • Security remediation and containment systems with a focus on operational preparedness and soundness.
  • Solutions designed for Microsoft's SOC and Cyber Defense Operations that prioritize security, scalability, and resilience, including security solutions that are scalable across cross-cloud environments.
• Define strategic direction and planning by:
  • Setting strategy, roadmap, and engineering plans for investigation, containment, and incident response platforms.
  • Leading application security and privacy teams, evaluating scalable approaches to privacy and application security challenges, and implementing proof-of-concept projects to identify effective solutions.
  • Lead the functional decomposition of SOC capabilities in the context of technical choices
• Provide architectural guidance and oversight through:
  • Advising on implementation projects to ensure compliance with security, performance, and scalability requirements.
  • Developing architectural governance and recommended practices organization wide.
  • Overseeing initiatives from concept to completion, ensuring adherence to timelines, quality standards, and technical best practices.
• Support continuous advancement of cybersecurity capabilities by:
  • Assessing and incorporating emerging technologies to strengthen threat detection, response, and automation functions.
  • Maintaining and updating the solutions catalog and technology stack in alignment with organizational goals and compliance requirements.
  • Fostering continuous improvement of SOC tools and techniques based on lessons learned, industry trends, and new technologies (including AI and automation) to enhance the SOC Analyst experience.
• Collaborate with stakeholders for project delivery and results optimization by:
  • Working closely with engineering, operations, SOC teams, senior leadership, and product management to integrate diverse perspectives into new SOC capabilities and services.
  • Reviewing current business processes and technical solutions, identifying obstacles, and conducting root cause analyses.
• Embody our culture and values

Qualifications:

Required Qualifications

• Bachelor's Degree in Computer Science or related technical field AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR equivalent experience.
• 10+ years of experience in software development lifecycle, systems architecture, and large-scale computing,with at least 5 years in cybersecurity-focused roles.
• 3+ years of experience in systems engineering, requirements definition, and implementation of roadmaps.
• Deep understanding of cybersecurity domains including threat detection, incident response, and security operations.
• Proven expertise in designing and implementing large-scale, distributed systems in cloud environments (e.g., Azure, AWS).
• Proficient knowledge of architectural patterns for multi-tenant systems and secure service design.
• Experience with data platforms (e.g., telemetry pipelines, SIEM, data lakes) and security analytics.

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

• Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

• Track record of driving engineering excellencethrough design reviews, code quality standards, and architectural governance inlcuding:
  • Experience with DevSecOps practices, including secure CI/CD pipelines, infrastructure as code (IaC), and automated compliance checks.
  • Experience leading technical design sessionsand mentoring engineering teams on architectural best practices.
  • Hands-on experience with telemetry, observability, and monitoring frameworksto ensure system health and incident readiness.
• 5+ years of operational experience with a broad spectrum of Azure and security technologies such as SIEM, SOAR, Defender XDR, threat intelligence platforms, Logic Apps, Azure DevOps, Azure Data Explorer (Kusto), Azure Data Lake, and Azure Synapse.
• CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and / or Security+ certification.
• Expertise in designing and implementing security controls for identity management, encryption, access control, data protection, and advanced threat protection.
• Familiarity with Microsoft's internal systems, governance, and cross-functional collaboration models.
• Familiarity with Microsoft Security Commercial Products (e.g. Defender suite, etc) in a multi-tenant, multi-cloud context.

Software Engineering IC5 - The typical base pay range for this role across the U.S. is USD $139,900 - $274,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000 - $304,200 per year. Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: ;br>
Microsoft will accept applications for the role until August 20, 2025.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#MSFTSecurity #CDE