Job Description

Security is a topic you read about every day, and securing the Cloud is more important than ever. Business and governments are under constant threat from a variety of actors, and they are moving to the Cloud in record numbers. We protect Microsoft's customers and their data across the world and secure all Microsoft Clouds. In the mobile-first cloud-first world, security is among the most important elements to get right, it enables trust and keeps people, organizations, and their data safe.

We are the Cloud Security group, and we build services that process TBs of data every day to detect software and network related vulnerabilities, across millions of nodes and endpoints. We do this by designing and delivering industry-leading features that delight customers. We are looking for a creative and collaborative security engineer with a passion for information and network security to join us and help secure the perimeter as well as cloud native workloads.

Core to our team culture is the belief that to run at internet scale, you must have a 'people-first' approach. That means we put emphasis on forging an inclusive team culture. As a Principal engineer on the team, you will lead and drive the architecture and design of security focused large-scale distributed systems and services. You will. Our aim is to be the best and most successful security organization in the world and have fun while doing so.

#MSFTSECURITY

Cloud security landscape is evolving rapidly. You will work in a fast-paced environment with frameworks such as Kubernetes and Microsoft Service Fabric. You will work closely with PMs to translate their asks into scalable yet easy to maintain services. You will collaborate with your peers to design and build highly available services, from alpha/preview releases to production grade. A successful candidate will be self-motivated and a fast learner with good collaboration skills.

• Provide technical security expertise and be a key contributor for developing and implementing a comprehensive roadmap for augmenting the security of the infrastructure and platforms, tools, and processes leveraged within Microsoft.
• Identify, define, and drive implementation of security controls and associated remediation steps.
• Research, improve, design, optimize and drive implementation of vulnerability and threat detection capabilities
• Identify and support driving closure of critical security gaps in our infrastructure both in the Cloud and On-Prem
• Participate in detailed design, code reviews, bug/issue triage with engineering teams, and support well informed security decisions in harmony with business and engineering goals
• As a trusted advisor and security expert, provide an honest and unbiased assessment of our security posture, which will aid in guiding priorities for the organization.
• In a globally shared responsibility against emerging threats, contribute to renowned forums, Microsoft's customers, internal product development, and existing product enhancements.

Required Qualifications:

• A bachelor's degree (or higher) in an engineering or computer science related discipline
• At least 8 years of work experience in a security or infosec related field

Preferred Qualifications:

• Intimate knowledge of the attacker mindset.

• The tools and techniques used by attackers, knowledge of recent threat and attacks
• The high-fidelity signals that can be trusted and corelated to detect malicious activity
• Strong research and technical skills, to be able to take apart unfamiliar services, rapidly become an expert, and then find security problems. No specific technology experience is required! However, some of the platforms and technologies we regularly work with include:

• Both Windows and Linux.
• Python, PowerShell, bash, and other interpreted languages.
• C#, .NET, and ASP.NET.
• The Azure cloud platform
• Azure Active Directory, Active Directory, certificates, and public key infrastructure.
• Software supply chain platforms like Git, GitHub Actions, Azure Pipelines, container & package registries, etc.
• Excellent written and verbal communication skills, to be able to effectively present the results of a red team operation to stakeholders.

• An open and honest presentation style that puts security problems in sharp focus. In this role, you'll have regular opportunities to present to executives, including senior executives.
• Especially prized on this team are clarity of thought and the ability to reason strategically about problems at scale.
• A growth mindset: enthusiastic about both learning and teaching.

#AzureSecCSS #AzureSecOpen #MSFTSECURITY

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the .

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.