Senior Security Operations Engineer
Microsoft
Senior Security Operations Engineer
Redmond, Washington, United States
Save
Overview
Join Cloud Operations + Innovation (CO+I), the organization behind the technology and infrastructure that powers Microsoft’s cloud. Within CO+I, the Security Engineering & Critical Infrastructure (SECI) team is at the forefront of ensuring the security of our global operations.
We are seeking a highly skilled Senior Security Engineer to join our team dedicated to driving cutting-edge security innovation. As part of our team, you’ll educate, empower, and inspire fellow cyber defenders, Microsoft staff and our strategic industry partners through advanced penetration testing, threat hunting, and proactive defense strategies that shape the future of industrial cloud security.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
*This role is located either in one or all hub locations - Atlanta, GA, Washington, D.C., Redmond, WA, San Antonio, TX or Phoenix, AZ.
*Relocation support will be provided, and successful candidates must relocate or reside within 50 miles of the hub office location.
*This role is eligible for hybrid or remote work, up to 100%.
Qualifications
Required/Minimum Qualifications
- 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
- OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
- 5+ years of hands-on experience in penetration testing, red teaming, or offensive security operations.
- Professional experience in tools such as Burp Suite, Metasploit, Kali Linux, Wireshark, or equivalent and deep understanding of cloud platforms such as Azure, AWS, or GCP.
- Hands-on experience with Security Information and Event Management (SIEM) solutions such as Microsoft Sentinel, or Splunk.
Other Requirements
- Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Additional or Preferred Qualifications
- Familiarity with security standards and frameworks like OWASP, MITRE ATT&CK, and NIST.
- CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, Security+, Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field OR 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
- Experience with reverse engineering, malware analysis, or exploit development.
- Relevant certifications such as OSCP, OSCE, GPEN, or similar.
- Advanced knowledge of scripting and programming languages (e.g., Python, PowerShell, Bash, or C#).
- Knowledge of DevSecOps practices and secure software development lifecycle (SDLC).
- Deep knowledge of operational technology (OT) and Industrial Control Systems (ICS) security.
- Familiarity with regulatory compliance frameworks (GDPR, ISO 27001).
- Proven track record of contributing to the security community through research, tools, or thought leadership.
Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until December 25, 2024.
#COIcareers
#COIEngCareers
#COISecCareers
Responsibilities
- Lead comprehensive penetration testing efforts across CO+I’s critical infrastructure and operational technology (OT) portfolio, including physical, operational, and cloud environments.
- Conduct advanced exploitation of vulnerabilities to assess risks and help prioritize mitigations.
- Design and execute hybrid offensive + defensive security operations, including red, blue and purple team exercises, to simulate real-world attack scenarios against Microsoft’s cloud operations.
- Leverage and assess Security Information and Event Management (SIEM) solutions to identify and exploit misconfigurations, improve detection capabilities, and enhance threat visibility.
- Collaborate with engineers, architects, and service teams to ensure that findings are remediated effectively.
- Develop clear, actionable, data-driven reports for both technical and executive audiences inside and out of Microsoft to communicate risks, impacts, and remediation plans.
- Continuously research emerging threats, vulnerabilities, and tools to maintain a cutting-edge security posture.
- Mentor and guide team members, fostering a culture of curiosity, collaboration, and technical excellence.
- Educate & Inspire others by delivering insights and actionable recommendations that enhance security readiness and resilience
- Empower others through the design, build and enhancement of tools, scripts, and frameworks for penetration testing and security assessment of logical and physical security systems.