Do you want to find security bugs that impact hundreds of millions of users? You’ll help start the M365 Application Security Team as a Senior Security Engineer, exploring new ways to find, eradicate, and prevent security flaws in our codebase from ever reaching production. You’ll work across Microsoft with developers, pen testers and security personnel to get ahead of those that wish to do harm to our customers and their data. Exchange Online, SharePoint Online and Microsoft Teams are just some of the massive services you’ll get to sink your teeth into. You’ll need to come with an application security background and a drive to innovate across some of the largest and most complex codebases in the world.
- Discover security flaws, and help prevent them from being deployed in M365
- Develop new ways to prioritize projects within the application security space, with a specific focus on finding and getting fixed the worst security flaws in the most places
- Create tools, static analysis, services, or whatever is necessary so that developers and teams discover and address security vulnerabilities
- Collaborate with teams across Microsoft to help perform and validate root cause analysis of failures, and understand different technology stacks
- Join forces with other Offensive Security personnel at the company to leverage the latest trends, and identify good opportunities for attack
- Plan and manage an expanding portfolio of security areas, and track associated metrics and external cases and research
- Apply new and emerging threat research to your vulnerability discovery efforts
- Embed with different developer teams to help understand their challenges, and work with them on solutions
- Train product team developers to recognize bad patterns, and innovate ways for developers to learn to identify security bad practice
- Any other reasonable activity required by management
- Bachelor’s degree in Computer Science or equivalent technical degree
- 5+ years Software Development Experience
- Demonstrated experience with application security assessment penetration testing
- Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
- Microsoft Secure Screen: This position will be required to pass the Microsoft Cloud background check and credit history analysis upon hire/transfer and every year thereafter.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.