Microsoft Azure is at the center of Microsoft’s cloud services strategy. Azure brings together virtualization, compute , storage, authentication, authorization, media and more to enable anyone to bring their business into the cloud. The Azure Security Engineering organization focuses on ensuring a secure Azure platform for developers and a secure experience for millions of users worldwide.
We are looking for a reliable and diligent Principal Security Software Engineer with good judgment and a track record in security, who can bring their experience to help drive security solutions in Azure, while working with other Security Engineers, Program Managers, and Developers throughout the Azure organization to instill the core security mindset and culture. This job also provides a platform for contributing to technical security leadership, inside and outside of Microsoft, and stays on top of current developments for the benefit of Microsoft products and services.
Qualifications:
Required Qualifications:
- Bachelor’s Degree in Computer Science, or related technical discipline AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript/TypeScript, SQL, assembly, GoLang or Python
-
- OR equivalent experience.
-
Other Requirements:
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Preferred Qualifications:
- 4+ years’ experience in a hands-on Security role, conducting architecture reviews, penetration testing and other security assurance activities and has a track record of driving security solutions.
- 4+ years’ experience of proficiency in varied security vulnerability classes across the stack, ability to apply them aptly in security activities and communicate seamlessly about them to varied audiences.
- Experience in technical disciplines outside security space, including general software development, networking, database management, big data, and full-stack development
- Master of Science in Computer Science, Mathematics, Engineering or equivalent software security education/demonstratable experience
- Knowledge of Microsoft Azure or competing cloud services
- High standards for security domain knowledge along with a track record for writing quality code on popular platforms and languages.
Software Engineering IC5 – The typical base pay range for this role across the U.S. is USD $133,600 – $256,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $173,200 – $282,200 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
#AzureSecCSS
#AzureSecOpen
Responsibilities:
Foundational Security Reviews
Engage in conducting deep security review ops for chosen foundational services, to proactively d iscover and remediate systemic issues, with the goal of eliminating classes of vulnerabilities and reducing risk to Azure services.
- Driving Security Solutions
Partner with Engineering organizations to derive applicability of systemic issues, devise solutions and help consult on an incremental mitigation plan for the same. This involves contribut ing to the development of tools,processes, and policiesto prevent, detect, and resolve classes of issues across Azure services.
- Emerging Threat and Vulnerability Research
I dentify and evaluate new areas for research, perform analysis into emerging threats, including proactive security research on the technologies that Azure and our customers utilize and depend on. This enables us to tactically stay ahead of bad actors targeting Azure cloud.
- Threat modeling
R eview the design of Azure services from a security perspective to identity design weaknesses in architecture . C ollaborate with the service team, guiding them to implement those recommendations and helping them to succeed with a security mindset.