Microsoft is a company where passionate innovators come to collaborate, envision what can be and take their careers further. This is a world of more possibilities, more innovation, more openness, and the sky is the limit thinking in a cloud-enabled world.
Microsoft’s Azure Data engineering team is leading the transformation of analytics in the world of data with products like databases, data integration, big data analytics, messaging & real-time analytics, and business intelligence. Our mission is to build the data platform for the age of AI, powering a new class of data-first applications and driving a data culture.
Within Azure Data, the databases team builds and maintains Microsoft's operational Database systems. We store and manage data in a structured way to enable multitude of applications across various industries. We are on a journey to enable developer friendly, mission-critical, AI enabled operational Databases across relational, non-relational and OSS offerings.
Microsoft’s Azure Data databases red team is hiring a Security Engineer II. Our team utilizes a variety of offensive security techniques to continuously evaluate and enhance the security posture of the organization and its offerings. We are dedicated to maintaining customer trust by staying one step ahead of the external attacker. We participate in both pre-release and post-release activities, conducting security reviews, penetration tests, and other ethical hacking exercises. Our team is highly collaborative. We partner with a corresponding blue team to improve monitoring and detection in the classic attack/defend paradigm. We partner with the databases’ product teams to drive security improvements in their products and processes. As a Security Engineer II, you will be at the forefront of such engagements and collaborations.
By applying to this U.S. based position, while remote work is possible, relocation does not apply/is not provided for the role.
Responsibilities
Security Assurance
- Understand current security trends and vulnerabilities.
- Participate in security design reviews and threat model reviews prior to the release of new products or features, communicating clearly the different security options and tradeoffs.
- Deliver broadly available security trainings based on learnings from previous exercises or incidents.
Penetration testing
- Ramp up and understand new designs, systems, and technology as they are built.
- Participate in comprehensive assessments of features and large-scale applications and environments.
- Find vulnerabilities in various spaces such as web applications, native applications, database systems, authentication flows, and distributed systems.
Red teaming
- Participate in targeted campaigns against both pre-production and production environments.
- Navigate through an ecosystem of multiple domains, technologies, protocols, and stakeholders.
Qualifications
Required/Minimum Qualifications
- 3+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
- Fundamental understanding of security knowledge around native applications, web applications, distributed and database systems.
Other Requirements
- Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.
Preferred/Additional Qualifications
- Bachelor's Degree in Cybersecurity, Computer Science, or related field AND 4+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
- OR Master's Degree in Cybersecurity, Computer Science, or related field.
- Understanding of security issues for large scale cloud services and network infrastructures.
- Deep and broad understanding of security vulnerabilities and attacks.
- Proficiency in Programming languages with expertise in troubleshooting and debugging skills.
- High enthusiasm, integrity, ingenuity, results-orientation, self-motivation, and resourcefulness in a fast-paced competitive environment.
- Have a deep desire to work collaboratively, solve problems with groups, find win/win solutions and celebrate successes.
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to any characteristic protected by applicable local laws, regulations and ordinances.
#J-18808-Ljbffr