11 days ago

Logo of Microsoft

Senior Security Operations Engineer

$117k - $250k

Microsoft

USRedmond, WARemote

Join Cloud Operations + Innovation (CO+I), the organization behind the technology and infrastructure that powers Microsoft’s cloud. Within CO+I, the Security Engineering & Critical Infrastructure (SECI) team is at the forefront of ensuring the security of our global operations.

 

We are seeking a highly skilled Senior Security Engineer to join our team dedicated to driving cutting-edge security innovation. As part of our team, you’ll educate, empower, and inspire fellow cyber defenders, Microsoft staff and our strategic industry partners through advanced penetration testing, threat hunting, and proactive defense strategies that shape the future of industrial cloud security.

 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

 

*This role is located either in one or all hub locations - Atlanta, GA, Washington, D.C., Redmond, WA, San Antonio, TX or Phoenix, AZ.
*Relocation support will be provided, and successful candidates must relocate or reside within 50 miles of the hub office location.
*This role is eligible for hybrid or remote work, up to 100%.

Required/Minimum Qualifications

  • 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
    • OR Bachelors Degree in Statistics, Mathematics, Computer Science or related field.
  • 5+ years of hands-on experience in penetration testing, red teaming, or offensive security operations.
  • Professional experience in tools such as Burp Suite, Metasploit, Kali Linux, Wireshark, or equivalent and deep understanding of cloud platforms such as Azure, AWS, or GCP.
  • Hands-on experience with Security Information and Event Management (SIEM) solutions such as Microsoft Sentinel, or Splunk.

Other Requirements

  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Additional or Preferred Qualifications

  • Familiarity with security standards and frameworks like OWASP, MITRE ATT&CK, and NIST.
  • CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, Security+, Masters Degree or Doctorate in Statistics, Mathematics, Computer Science or related field OR 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
  • Experience with reverse engineering, malware analysis, or exploit development.
  • Relevant certifications such as OSCP, OSCE, GPEN, or similar.
  • Advanced knowledge of scripting and programming languages (e.g., Python, PowerShell, Bash, or C#).
  • Knowledge of DevSecOps practices and secure software development lifecycle (SDLC).
  • Deep knowledge of operational technology (OT) and Industrial Control Systems (ICS) security.
  • Familiarity with regulatory compliance frameworks (GDPR, ISO 27001).
  • Proven track record of contributing to the security community through research, tools, or thought leadership.

Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.

 

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

   

Microsoft will accept applications for the role until December 25, 2024.

 

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

 

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

## COIcareers

## COIEngCareers

## COISecCareers

  • Lead comprehensive penetration testing efforts across CO+I’s critical infrastructure and operational technology (OT) portfolio, including physical, operational, and cloud environments.
  • Conduct advanced exploitation of vulnerabilities to assess risks and help prioritize mitigations.
  • Design and execute hybrid offensive + defensive security operations, including red, blue and purple team exercises, to simulate real-world attack scenarios against Microsoft’s cloud operations.
  • Leverage and assess Security Information and Event Management (SIEM) solutions to identify and exploit misconfigurations, improve detection capabilities, and enhance threat visibility.
  • Collaborate with engineers, architects, and service teams to ensure that findings are remediated effectively.
  • Develop clear, actionable, data-driven reports for both technical and executive audiences inside and out of Microsoft to communicate risks, impacts, and remediation plans.
  • Continuously research emerging threats, vulnerabilities, and tools to maintain a cutting-edge security posture.
  • Mentor and guide team members, fostering a culture of curiosity, collaboration, and technical excellence.
  • Educate & Inspire others by delivering insights and actionable recommendations that enhance security readiness and resilience
  • Empower others through the design, build and enhancement of tools, scripts, and frameworks for penetration testing and security assessment of logical and physical security systems.