Job Category: Software Engineering: Development
Location: Redmond, WA, US
Job ID: 788769-77459
Division: Server & Tools Business
Put your development skills to the test to secure products and services in the Business Platform Division (BPD)!
Are you passionate about security? Do you think that the secret agents from the movie Men in Black have the coolest job in the world, and see yourself in the role of making on and off-premise computing safe for the good guys while keeping the bad guys at bay? Here’s your chance to do your part to fight the forces of evil by solving the security challenges in the Appliance, Box, and Cloud (ABC) computing space at Microsoft!
The Business Platform Security Services (BPSS) team is driving business opportunities for the Business Platform Division’s (BPD) extensive portfolio of on-premise server and client products, growing family of SQL Azure, AppFabric, and Windows Azure Marketplace cloud services, and innovative software/hardware appliance offerings by guiding the implementation of world-class security capabilities. We are seeking a security engineer with a minimum 6 years industry experience who is looking for a new challenge as part of a well-established and highly effective security team as it expands to accommodate explosive growth in our product portfolio.
Working with BPSS Security, Privacy, and Compliance experts, and BPD product units, you will apply your subject matter expertise and development skills to ensure security ship readiness. Duties include working with teams to identify security flaws through threat modeling, consultation, code review, penetration testing, development of code to automate the discovery and remediation of security flaws, negotiating within the division/company for resourcing and prioritization as appropriate, and driving, tracking, and resolving all aspects of security ship readiness.
The successful candidate will operate in a cohesive team environment with other security and compliance professionals with the overriding goal of ensuring our products and services are secure against current and emerging threats. You will be responsible helping products units assess threats, vulnerabilities, and risks to their products, driving appropriate and pragmatic solutions to completion, prototyping and driving the development of new tools to identifying security flaws through penetration testing and other security techniques as appropriate, discovering and researching novel vulnerabilities in complex code bases and developing tools to automate the discovery of those flaws. A thorough understanding of Microsoft technologies, an understanding of security architectures and experience deploying complex enterprise solutions will be valuable assets for the right candidate.
- 6 years professional experience in C, C++, and/or C#
- 4-year degree in computer science or closely related discipline, or equivalent experience
If this sounds like the job for you then we want to hear from you!
- A proven track record of applying security subject matter expertise to the successful and timely delivery of production ready software to a large user base.
- Expert knowledge in at least one common class of software vulnerabilities and a broad familiarity with all common classes of threat and vulnerabilities including buffer overflows, cross-site scripting, cross-site request forgery, SQL injection, cryptographic weaknesses, and others
- An ability to analyze unfamiliar technology for likely failure cases and to apply knowledge of vulnerabilities to new problem domains
- Knowledge of techniques such as static analysis, threat modeling, and fuzz testing, familiarity with security technologies such as cryptography, authentication protocols, and similar.
- Knowledge of common security failures and attacks as buffer overflows, SQL Injection, cross-site scripting, and similar
- Demonstrated experience in performing structured and ad-hoc penetration testing.
- Demonstrated ability to produce high-quality code in a professional and fast-paced development environment
- Strong cross-group collaboration skills and the ability to manage a large number of ongoing projects.
- Demonstrated project management and written and verbal communications skills.
- Comfort discussing complex issues with senior and execution management teams.
- High enthusiasm, integrity, ingenuity, results-orientation, self-motivation, and resourcefulness in a fast-paced competitive environment.
- Knowledge of and experience with the full Security Development Lifecycle
- Familiarity with the BPD product portfolio of box products, cloud service, and appliance offerings.
- Experience with cloud computing, online services, enterprise software development, engineering and/or operations at scale.
- Master’s Degree in CS or closely related discipline
Microsoft Corporation develops, manufactures, licenses and supports a range of software products for computing devices. The Company's...