Logo
Microsoft

Security Engineer II

Microsoft, Denver, Colorado, United States,


Microsoft is a company where passionate innovators come to collaborate, envision what can be and take their careers further. This is a world of more possibilities, more innovation, more openness, and the sky is the limit thinking in a cloud-enabled world.Microsoft’s Azure Data engineering team is leading the transformation of analytics in the world of data with products like databases, data integration, big data analytics, messaging & real-time analytics, and business intelligence. The products in our portfolio include Microsoft Fabric, Azure SQL DB, Azure Cosmos DB, Azure PostgreSQL, Azure Data Factory, Azure Synapse Analytics, Azure Service Bus, Azure Event Grid, and Power BI. Our mission is to build the data platform for the age of AI, powering a new class of data-first applications and driving a data culture.Within Azure Data, the databases team builds and maintains Microsoft's operational Database systems. We store and manage data in a structured way to enable a multitude of applications across various industries. We are on a journey to enable developer-friendly, mission-critical, AI-enabled operational Databases across relational, non-relational, and OSS offerings.Microsoft’s Azure Data databases PenTest team is hiring a Security Engineer II. Our team utilizes a variety of offensive security techniques to continuously evaluate and enhance the security posture of the organization and its offerings. We are dedicated to maintaining customer trust by staying one step ahead of the external attacker. We participate in both pre-release and post-release activities, conducting security reviews, penetration tests, and other ethical hacking exercises. Our team is highly collaborative. We partner with a corresponding blue team to improve monitoring and detection in the classic attack/defend paradigm. We partner with the databases’ product teams to drive security improvements in their products and processes. We even partner outside of our organization with other PenTest teams across the company to identify systemic risks and share knowledge of attacks and techniques. As a Security Engineer II, you will be at the forefront of such engagements and collaborations.We do not just value differences or different perspectives. We seek them out and invite them in so we can tap into the collective power of everyone in the company. As a result, our customers are better served.Relocation assistance is unavailable for this role.Responsibilities

As a Security Engineer II you will:Security Assurance

Understand current security trends and vulnerabilities.Participate in security design reviews and threat model reviews prior to the release of new products or features, communicating clearly the different security options and tradeoffs.Deliver broadly available security trainings based on learnings from previous exercises or incidents.Penetration Testing

Ramp up and understand new designs, systems, and technology as they are built.Participate in comprehensive assessments of features and large-scale applications and environments. This includes mapping out the surface area and assessing prioritization based on time, resource, and general importance tradeoffs.Find vulnerabilities in various spaces such as web applications, native applications, database systems, authentication flows, distributed systems and designs, and protocols. Pulling from a flexible knowledgebase of topics such as OWASP, memory corruption, privilege escalation, networking, etc. to find both common and uncommon issues.Qualifications

Required/Minimum Qualifications

3+ years experience in hands-on penetration testing and in identifying security vulnerabilities.3+ years experience in cyber security.1+ years of experience in working collaboratively, solving problems with groups, finding win/win solutions and celebrating successes.Other Requirements

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.Preferred/Additional Qualifications

1+ years of experience and understanding of security in Microsoft Azure or any of the major Cloud providers.1+ years of experience in threat modeling, security reviews and security assurance.1+ years experience coding in C/C++, dotnet, JavaScript, Python, SQL, or others, with expertise in troubleshooting and debugging skills.An understanding of security knowledge around native applications, web applications, distributed and database systems.Security Operations Engineering IC3 - The typical base pay range for this role across the U.S. is USD $98,300 - $193,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $127,200 - $208,800 per year.Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

https://careers.microsoft.com/us/en/us-corporate-pay .Microsoft will accept applications for the role until July 17, 2024.#azdat #azuredata #cloud #offsec #appsec #pentest #securityassuranceMicrosoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

#J-18808-Ljbffr