hero

Explore thousands of opportunities across Tech:NYC’s member network.

673
companies
6,576
Jobs

Senior Security Operations Engineer

Microsoft

Microsoft

Operations
Posted on Dec 13, 2024

Senior Security Operations Engineer

Redmond, Washington, United States

Save

Share job

Date posted
Dec 10, 2024
Job number
1790536
Work site
Up to 100% work from home
Travel
0-25 %
Role type
Individual Contributor
Profession
Security Engineering
Discipline
Security Operations Engineering
Employment type
Full-Time

Overview

Join Cloud Operations + Innovation (CO+I), the organization behind the technology and infrastructure that powers Microsoft’s cloud. Within CO+I, the Security Engineering & Critical Infrastructure (SECI) team is at the forefront of ensuring the security of our global operations.

We are seeking a highly skilled Senior Security Engineer to join our team dedicated to driving cutting-edge security innovation. As part of our team, you’ll educate, empower, and inspire fellow cyber defenders, Microsoft staff and our strategic industry partners through advanced penetration testing, threat hunting, and proactive defense strategies that shape the future of industrial cloud security.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

*This role is located either in one or all hub locations - Atlanta, GA, Washington, D.C., Redmond, WA, San Antonio, TX or Phoenix, AZ.
*Relocation support will be provided, and successful candidates must relocate or reside within 50 miles of the hub office location.
*This role is eligible for hybrid or remote work, up to 100%.

Qualifications

Required/Minimum Qualifications

  • 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
    • OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
  • 5+ years of hands-on experience in penetration testing, red teaming, or offensive security operations.
  • Professional experience in tools such as Burp Suite, Metasploit, Kali Linux, Wireshark, or equivalent and deep understanding of cloud platforms such as Azure, AWS, or GCP.
  • Hands-on experience with Security Information and Event Management (SIEM) solutions such as Microsoft Sentinel, or Splunk.

Other Requirements

  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Additional or Preferred Qualifications

  • Familiarity with security standards and frameworks like OWASP, MITRE ATT&CK, and NIST.
  • CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, Security+, Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field OR 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
  • Experience with reverse engineering, malware analysis, or exploit development.
  • Relevant certifications such as OSCP, OSCE, GPEN, or similar.
  • Advanced knowledge of scripting and programming languages (e.g., Python, PowerShell, Bash, or C#).
  • Knowledge of DevSecOps practices and secure software development lifecycle (SDLC).
  • Deep knowledge of operational technology (OT) and Industrial Control Systems (ICS) security.
  • Familiarity with regulatory compliance frameworks (GDPR, ISO 27001).
  • Proven track record of contributing to the security community through research, tools, or thought leadership.

Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until December 25, 2024.

#COIcareers

#COIEngCareers

#COISecCareers

Responsibilities

  • Lead comprehensive penetration testing efforts across CO+I’s critical infrastructure and operational technology (OT) portfolio, including physical, operational, and cloud environments.
  • Conduct advanced exploitation of vulnerabilities to assess risks and help prioritize mitigations.
  • Design and execute hybrid offensive + defensive security operations, including red, blue and purple team exercises, to simulate real-world attack scenarios against Microsoft’s cloud operations.
  • Leverage and assess Security Information and Event Management (SIEM) solutions to identify and exploit misconfigurations, improve detection capabilities, and enhance threat visibility.
  • Collaborate with engineers, architects, and service teams to ensure that findings are remediated effectively.
  • Develop clear, actionable, data-driven reports for both technical and executive audiences inside and out of Microsoft to communicate risks, impacts, and remediation plans.
  • Continuously research emerging threats, vulnerabilities, and tools to maintain a cutting-edge security posture.
  • Mentor and guide team members, fostering a culture of curiosity, collaboration, and technical excellence.
  • Educate & Inspire others by delivering insights and actionable recommendations that enhance security readiness and resilience
  • Empower others through the design, build and enhancement of tools, scripts, and frameworks for penetration testing and security assessment of logical and physical security systems.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Industry leading healthcare
Educational resources
Discounts on products and services
Savings and investments
Maternity and paternity leave
Generous time away
Giving programs
Opportunities to network and connect

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.