Security Software Engineer - CTJ

Last updated 4 days ago
Location:Redmond, Washington, Reston, Virginia
Job Type:Full Time

Microsoft Azure is at the center of Microsoft’s cloud services strategy. Azure brings together virtualization, compute, storage, authentication, authorization, media and more to enable anyone to bring their business in the cloud. The Azure Security Engineering organization focuses on ensuring a secure Azure platform for developers and a secure experience for millions of users worldwide.

Responsibilities

We are looking for a reliable and diligent engineer with good judgment and track record in security and software engineering, who can bring their experience to bear on improving the state of the art. You will have an opportunity to contribute to advancing security, while working with other Security Engineers, Program Managers, and Developers throughout the Azure organization to instill a core security mindset and culture. This job also provides a platform for contributing to technical security leadership, inside and outside of Microsoft, and for staying on top of current developments for the benefit of Microsoft products and services.

Key responsibilities include:

  • Penetration testing: you will examine chosen target systems in detail, looking for vulnerabilities and weaknesses, and, in collaboration with other penetration testing and red teams around the company, demonstrate the value of an “assume breach” mentality.

Tool Prototypes & development: you will contribute to the development of tools, processes, and policies to prevent, detect, and resolve classes of issues across Azure services.

Threat modeling and security reviews: you will review the design of services from a security perspective to identity vulnerabilities and weaknesses in the architecture. And collaborate with service team, guiding them to implement those recommendations and helping them to succeed with a security mindset.

Emerging Threat and Vulnerability Research – You will have opportunities to identify and evaluate new areas for research, perform analysis into emerging threats, including proactive security research on the technologies that Azure and our customers utilize and depend on.

To thrive in this position, you will need the following:

  • A learning and sharing mindset along with drive to improve the existing state.
  • Good communication skills, empathy, and ability to collaborate within a diverse team.
  • High standards for security domain knowledge along with a track record for writing quality code on popular platforms and languages.

Qualifications

Required Qualifications:

  • Candidates MUST have Active, Current Top Secret Clearance and be willing to upgrade to TS/SCI with Full Scope Polygraph (FSP) or have an Active, Current Top Secret SCI (TS/SCI) and be willing to upgrade to TS/SCI (with Full Scope Polygraph).
  • This role will require you to maintain the TS/SCI (with polygraph) clearance.
  • Must be able to pass the Microsoft Cloud Background Check and will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • Bachelor of Science in Computer Science, Mathematics, Engineering or an additional 4 years equivalent SW development experience.
  • 5+ years’ experience in a hands-on SW Engineering Security role, with demonstrable software engineering skills and mastery of multiple classes of security defects.
  • 5+ years' demonstrated experience and coding in one or more popular languages and platforms, including C#, Java, C++, JavaScript/TypeScript, SQL, assembly, Ruby, Python, GoLang, and others, and the ability to pick up new languages, platforms, and frameworks quickly.

Preferred Qualifications:

  • Current TS SCI Clearance with Full Scope Polygraph is highly preferred.
  • Experience in technical disciplines outside security space, including general software development, networking, database management, big data, and full-stack development is a strong plus
  • Masters of Science in Computer Science, Mathematics, Engineering is highly preferred.
  • Knowledge of Microsoft Azure or competing cloud services is a plus.

#AzureSecCSS

#AzureSecOpen

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Candidates must be able to meet Microsoft security screening requirements for this role. These requirements include:

Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.