Principal Software Engineer - AI Safety and Security

Overview

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Artificial Intelligence (AI) has the potential to change the world around us. At Microsoft, we are committed to the advancement of AI driven by ethical principles. Are you passionate about the safety and security of AI and how our lives and society will be impacted? We are seeking an experienced Principal Software Engineer - AI Safety and Security to join a high impact team sitting at the intersection of cybersecurity and generative AI. As a Principal Software Engineer - AI Safety and Security, you will develop and execute the technical strategy for internal platform capabilities, partnering closely with cross-functional teams across the company, to secure Microsoft's flagship AI and agentic products. You will build infrastructure to enable sophisticated threat detection and forensic investigation, produce threat intelligence and insights, and accelerate response to safety and security incidents.

More about our team: We are the Artificial Generative Intelligence Security (AeGIS) team, and we are charged with ensuring justified confidence in the safety and security of Microsoft's generative AI products. This encompasses providing infrastructure for AI safety and security; serving as a coordination point for all things AI incident response; researching the quickly evolving threat landscape; red teaming AI systems for failures; and empowering Microsoft with this knowledge. We partner closely with product engineering teams to mitigate and address the full range of threats that face AI services - from traditional security risks to novel security threats like indirect prompt injection and entirely AI-native threats like the manufacture of sexual exploitation and abuse material (SEAM) or deep fake production or the use of AI to run automated scams. We are a mission-driven team intent on delivering trustworthy AI and response processes when it does not live up to those standards. We are always learning. Insatiably curious. We lean into uncertainty, take risks, and learn quickly from our mistakes. We build on each other's ideas, because we are better together. We are motivated every day to empower others to do and achieve more through our technology and innovation. Together we make a difference for all of our customers, from end users to Fortune 50 enterprises. Our team has people from a wide variety of backgrounds, previous work histories, and life experiences, and we are eager to maintain and grow.

Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

• AI Logging and Observability: Develop company-wide logging strategies and implementations, enabling reliable attack mapping and automated detections; understand the architecture and pipelines for existing logging, data storage, and observability systems; and determine what additional infrastructure should be built.
• Detection: Partner with AI Incident Response and Threat Hunting teams to create novel detection capabilities; build infrastructure that enables meta-cognition, mechanistic interpretability, and anomaly detection, to identify patterns of attack signatures at scale.
• Threat Intelligence: Deliver data integrations across multiple data sources and platforms; serve diverse stakeholder needs for threat intelligence; partner with data science to operationalize pipelines that aggregate and correlate multi-source signals; deliver actionable insights, trend analyses, and automated reporting integrated with detection and response workflows.
• Mitigations: Partner with AI Red Team, applied science, and security research to implement mitigation strategies against emerging attack techniques; partner with product teams to demonstrate safe system architecture design. Build and maintain data pipelines and integrations with Azure Data Factory, Spark, Kusto, and more. Provide hands-on technical leadership: prototype in code, review designs and Pull Requests (PRs), define APIs and data contracts, build comprehensive architectures, and establish evaluation frameworks to de-risk complex systems.
• Designing, developing, or maintaining secure software systems, with applied knowledge of authentication, data protection, access control, and secure coding practices.
• Designing and building scalable data pipelines and analytics infrastructure using orchestration tools such as Apache Airflow, Azure Data Factory, or equivalent, with an emphasis on data quality, automation, pipeline reliability, and framework development.
• Working with distributed data processing frameworks such as Apache Spark, Databricks, or similar technologies to transform and manage large-scale datasets.
• Design, build, and operate scalable, highly available services and systems across cloud platforms such as Azure, AWS, Google Cloud Platform, or comparable environments.
• Programming in Python, Scala, or similar languages for data engineering tasks, including performance tuning, observability, and working with query languages such as KQL.

Qualifications

Required Qualifications:

• Do you have a Bachelor's Degree in Computer Science or related technical field AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python OR equivalent experience.

Preferred Qualifications:

• 6+ years experience in technical software engineering with significant ownership of platform, data, or security products, OR equivalent experience.
• 2+ years of demonstrated experience in cybersecurity (SIEM, SOAR, XDR/EDR, cloud security, log/observability platforms, threat detection, security research, or similar).
• 1+ years demonstrated technical depth with LLM Systems, agent orchestration, embeddings, vector databases, and tool use.
• 10+ years experience driving complex platform, data, or security products end-to-end.
• Hands-on experience with cybersecurity workflows (alerting, triage, investigation, threat hunting, incident response) and familiarity with frameworks like MITRE ATT&CK, NIST, or OWASP for LLM applications.
• Deep technical understanding of LLM-based systems-prompts, system instructions, agents/tools, RAG, embeddings-and experience in leading technical strategy and execution to build or secure AI copilots or agent-based products.
• Familiarity with advanced concepts in AI safety, such as metacognition and mechanistic interpretability.
• Familiarity with large-scale telemetry systems (data lakes, streaming pipelines, etc.).
• Experience with cloud-native environments (Azure preferred) and modern data/LLM/ML stacks.
• Exceptional written and verbal skills; adept at articulating business needs and driving alignment across engineering, research, and security teams.

#MSFT Security #MSECAI #AI #RAI #Safety #Security #MSECAI #AEGIS #AIIR #AISP

Software Engineering IC5 - The typical base pay range for this role across the U.S. is USD $139,900 - $274,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000 - $304,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:


This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.