Microsoft runs on trust. Earning and keeping that trust has never been more important.
In Customer Security and Trust (CST), program managers, engineers, analysts, investigators, data scientists, attorneys, and business professionals are responsible for some of the most exciting projects at Microsoft focused on protecting our customers.
The Cybersecurity & Trust Engineering team (CSTE) in CST is the central driving force of Engineering and Cybersecurity initiatives for CST and for Microsoft Corporate, External and Legal Affairs (CELA) as a whole. The Security and Privacy Engineering (SPE) team is responsible for embedding security and privacy considerations into all facets of the organization’s operations. SPE team is instrumental in identifying critical risks, providing engineering and cybersecurity expertise to implement effective mitigations, and working closely with diverse stakeholders across the company and external organizations to safeguard information assets and ensure compliance with all relevant regulations and standards.
We are hiring a Principal Software Engineer to join our team. This role will be part of the SPE team, contributing to security initiatives within the organization and across CELA Division with the opportunity of bigger impact. You will contribute to strategic projects and assignments to help increase the security posture of cloud infrastructure and services, assessing security and privacy risks and contribute to improvements and remediation of issues.
This is a unique opportunity within Microsoft to work in a dynamic and collaborative team with impact across many services harvesting the power of the cloud, apply your Security and technical skills to empower analysts and investigators to keep our digital world safe for consumers and businesses across the globe.
A successful candidate will be passionate about secure development practices and architecture, reliability, cloud computing and automation necessary to strengthen the resiliency and security posture of our services and infrastructure.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
#CELA
Required/Minimum Qualifications
- Bachelor's Degree in Computer Science, or related technical discipline AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
- OR equivalent experience.
- 5+ years experience with common security vulnerabilities and associated mitigations
- 5+ years of experience with Azure services, including containers (AKS), App services, Azure Storage technologies, and best practices to secure these services
- 2+ years experience working as part of an engineering team, or as a partner of the engineering team, to implement secure development lifecycle practices
- 2+ years experience articulating business needs for security improvements
Additional or Preferred Qualifications
- Bachelor's Degree in Computer Science or related technical field AND 10+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
- OR Master's Degree in Computer Science or related technical field AND 8+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
- OR equivalent experience.
- CISSP Certification and / or SANS Security Training
- Understanding of cryptography
- Experience in Network security
- Experience with Containers and Azure Kubernetes including security best practices
- Experience implementing Networking Security, API management, Identity and Access management
Other Requirements:
- This position requires verification of citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport.
Software Engineering IC5 - The typical base pay range for this role across the U.S. is USD $137,600 - $267,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $180,400 - $294,000 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until January 13, 2025.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
- Establish collaboration with Engineering teams in CSTE and across CELA on new features, services, and updates to the product
- Participate in threat model reviews and help identify security flaws early in the design phases
- Foster onboarding and adoption of Security Development Lifecycle (SDL)
- Help design implementation of Defense in Depth and Zero Trust strategies while ensuring secure by design, security by default, and secure by deployment principles
- Lead security architecture reviews
- Provide guidance and recommendations for secure development
- Fix security issues in code or infrastructure
- Participate in code reviews to evaluate security risks and improvements
- Lead cloud incident response activities as they occur
- Promote security awareness and provide training and good coding practices
- Supports operational security and security incidents as well as security reviews
- Help define, document, evolve, and evangelize secure engineering standards and best practices across multiple areas including automation
- Contribute to, and establish a strategic view of risk to our services and iterative and consistent security improvements
Other
0 applies
1 views
Other Jobs from Microsoft
Research Intern - LLM Inference Acceleration and Optimization
Senior Data Scientist
Software Engineer II
Research Intern - Bioinformatics
Senior Physical Design Engineer
Software Engineer
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 401 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got about 70,000 jobs from 5,000 vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 5,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅
What Fellow Engineers Say