Site Reliability Engineer II

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

We are looking for a Site Reliabiity Engineer who specializes in Active Directory infrastructure to join our organization to manage and evolve the enterprise identity infrastructure that supports Microsoft's corporate environment. We are building and securing directory services that are foundational to authentication, access, and identity management across the company. We are seeking an engineer with deep expertise in Active Directory, Windows Server, and enterprise identity who can drive improvements in operational reliability, security posture, and automation. This role focuses on strengthening Microsoft's hybrid identity platform-spanning on-premises AD and integration with Azure AD-to support business agility and defense-in-depth security.

In this role, you will help deliver resilient, secure, and scalable directory services by collaboratively engineering the systems that support authentication and authorization across a globally distributed infrastructure. You will contribute to hardening the AD environment, troubleshooting complex authentication issues, and implementing automation to enhance stability and efficiency using PowerShell and infrastructure-as-code principles. Successful candidates will have in-depth technical experience with Windows Server, Active Directory, DNS, and authentication protocols such as Kerberos, NTLM, and LDAP/S. They should combine their technical skills with a strong security mindset, operational discipline, and the ability to collaborate effectively with infrastructure, cloud, and security teams to improve Microsoft's core identity services.

Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities:

• Maintain a mission-critical, large-scale enterprise Active Directory infrastructure that underpins Microsoft's corporate network.
• Build, configure, and troubleshoot Windows Server OS, Active Directory, DNS services, Azure IaaS, and hybrid identity integrations with Azure AD.
• Own, triage, investigate, and resolve service issues with a focus on root cause analysis and long-term remediation.
• Identify and implement automation opportunities to improve service health, manageability, reliability, and operational visibility.
• Design, script, and maintain end-to-end service telemetry, alerting, and self-healing capabilities to support a highly available environment.
• Ensure security best practices are applied across directory services, including hardening, auditing, access controls, and threat mitigation.
• Develop and maintain comprehensive functional and technical documentation.
• Collaborate and communicate effectively at a deep technical level with engineering, operations, and program management teams to improve infrastructure, optimize services, and shape platform evolution.
• Stay current with industry trends, technologies, and best practices, including coding standards, DevOps/SRE principles, and modern CI/CD pipelines.

Qualifications:

Required/minimum qualifications

• Master's Degree in Computer Science, Information Technology, or related field
  • OR Bachelor's Degree in Computer Science, Information Technology, or related field AND 1+ years of technical experience in software engineering, network engineering, or systems administration
  • OR 4+ years of technical experience in software engineering, network engineering, or systems administration
• 1+ years of Active Directory, Windows Server, enterprise scale Identity management and DNS Services experience
• 1+ years of developing and supporting deployment/orchestration automation with PowerShell, C#, Python or similar languages

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Additional or preferred qualifications

• Master's Degree in Computer Science, Information Technology, or related field AND 1+ years of technical experience in software engineering, network engineering, or systems administration
  • OR Bachelor's Degree in Computer Science, Information Technology, or related field AND 2+ years of technical experience in software engineering, network engineering, or systems administration
  • OR 5+ years of technical experience in software engineering, network engineering, or systems administration
• 2+ years of Active Directory, Windows Server, enterprise scale Identity management and DNS Services experience
• 2+ years of developing and supporting deployment/orchestration automation with PowerShell, C#, Python or similar languages
• 2+ years of managing technical services/infrastructure

Site Reliability Engineering IC3 - The typical base pay range for this role across the U.S. is USD $100,600 - $199,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $131,400 - $215,400 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: ;br>
Microsoft will accept applications for the role until July 2, 2025.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#MSFTSecurity #ActiveDirectory #SRE