Security Operations Engineering IC3

Share job

Do you enjoy working on unique security solutions for a variety of areas related to Gaming? If so, the Gaming Security team would like to talk to you. We are the Defenders of Player Trust. Our team supports the services, platform, and studios that make up the Gaming business. We ensure our Top Games and Services are free from defects that could put our players or their data in harm’s way. In addition, we work with other Security teams within the company to ensure that we have the right tools and services to protect these key businesses.

We are looking for an Security Operations Engineer to help protect our players and help ensure a secure entertainment experience. This role will be in Gaming Security’s Application and Product Security team. As a Security Operations Engineer, you will have passion for gaming, security, and collaborating with development teams. Besides collaboration skills this person must also possess considerable technical depth, coupled with the ability to bring others together in building cross-organization solutions. Effective communication skills and the ability to thrive in an ambiguous and dynamic environment are necessary. Candidates should represent the growth mindset and display Microsoft cultural values in day-to-day activities.

Required/Minimum Qualifications

• Bachelor's Degree in Statistics, Mathematics, Computer Science or related field OR 3+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response.
• 2+ years of experience with application security tools
• 2+ years of experience and understanding of cryptographic libraries and implementations

Preferred Qualifications

• 5+ years working in Software development

• Advanced experience with C++, C#, GoLang, Rust

• Experience with CodeQL, Legit, SemGrep, Coverity, BlackDuck

• Advanced low-level debugging experience using tools such as IDA Pro, Ghidra, WinDbg, etc

• Understanding of AI and has proven experience applying agentic AI to solve fundamental application security problems at scale

• Ability to thrive in an environment with ambiguity and minimal direction.

• Must be a self-starter who can take initiative and drive projects to completion independently

• Master's Degree in Statistics, Mathematics, Computer Science or related field.

CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and/or Security+ certification.

• Experience reading and write source code

• Knowledgeable in security aspects of operating system internals

• Introductory knowledge of scripting languages or similar (Python, JavaScript, Ruby,etc.)

• Familiarity with low-level debugging tools

• Git version control experience

• Ability to multi-task, context shift, and thrive on a small team in a fast-paced environment
• Experience in gaming, security technologies, and AI

Security Operations Engineering IC3 - The typical base pay range for this role across the U.S. is USD $100,600 - $199,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $131,400 - $215,400 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until June 3rd, 2025

Responsibilities

• Serve as a trusted advisor and brainstorming partner to development teams on a wide range of security topics

• Be knowledgeable to help support periodic application and game security updates to executive leadership, and other presentations

• Read, write and identify issues with source code in languages such as, C++, C#, Java, GoLang, Python, JavaScript, Lua and Rust among others

• Perform security reviews of games, services and other applications; looking for issues in source code, dependencies, and design to strengthen gaming products, platforms, and services

• Reverse-engineer and manipulate games and applications to identify and provide remediation actions to help correct vulnerabilities that may be exploited

• Provide detailed security review reports to developers and other stakeholders

• Keep up with development and security trends in the video game industry and in the technology sector.

• Proactively identifies and investigates potential issues in controls (e.g., network, identity, high security).

• Leverages expertise and team members to address and drive down issues accordingly.

• Identifies and/or recognizes patterns and recommends potential mitigation strategies.

• Finds opportunities to leverage and contribute to the internal Microsoft community.

• Maintains standards for customer and partner experience.

• Defines customer and partner requirements, anticipates needs, and measures quality of experience.

• Recommends improvements and/or metrics to address gaps in measurement.

• With minimal guidance, analyzes attempted or successful efforts to compromise systems security.

• Drives processes across entire chain.

• Evaluates tactics for effectiveness and to inform security posture.

• Organizes and contributes to Red Team reports and issue tracking.

• Travel up to 10% as required

• Embody our Culture and Values.