New 
Senior Security Engineer
 Microsoft | |
 United States, Washington, Redmond | |
 Oct 05, 2024 | |
|
OverviewSecurity represents the most critical priority for customers in the world awash in digital threats, regulatory scrutiny, and technical complexity. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms,devices,and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. The Azure AI Platform security team is seeking a Senior Security Engineer to help us safely usher in the next frontier in AI technology. If you have experience performing security assessments, penetration testing, threat modeling in cloud computing environments, and you are eager to secure the future of AI, we would love to speak with you! In this role, you'll partner with product engineering teams to assess the security of their services and ensure that we live up to our security promises. You'll plan and manage your own security engagements, from enumerating the attack surface, setting up a test environment, evaluating the design and testing the implementation for security deficiencies, and providing your findings and recommendations for remediation. As you discover systemic issues and anti-patterns, you will be empowered to propose and drive solutions that raise the security bar across multiple services by eliminating entire vulnerability classes. You should be comfortable reading and understanding code to analyze implementations for potential security vulnerabilities and inform your penetration testing. Familiarity with common web penetration testing tools such as Burp Suite or other intercepting proxies will be necessary. As you dive deep into a given service, you will examine all layers of the OSI stack for the service, ranging from the web UI, the API, the cloud environment, cluster orchestration, and Linux-based nodes and containers. You'll have the opportunity to amplify your impact by suggesting product improvements that provide customers with a paved path to security by default. Because of the breadth and depth of this role, we do not necessarily expect candidates to have deep experience in all relevant dimensions of the security stack, and security engineers new to the AI space are encouraged to apply. We seek well-rounded individuals, and we leverage each other as appropriate to create a well-rounded team. While technical fundamentals are important, the ability to navigate both technical and organizational ambiguity, go deep in unfamiliar domains, independently develop subject-matter expertise, and build trust with partner teams will be required to succeed in this role. Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positivelyimpactour culture every day.
Responsibilities Use subject matter expertise to identify potential security issues, tools, mitigations, and processes (e.g., architecture, failure modes, attack chain, threat modeling, vulnerabilities). Analyze complex issues using multiple data sources to identify security problems. Create new solutions to mitigate security issues; Help to drive resolution for systemic security issues. Effectively communicate security defects to stakeholders at various levels. Work as an effective and inclusive team player, sharing and learning from others. OtherEmbody our culture and values | |