Senior Security Engineer

Share job

Date posted

Aug 29, 2025

Job number

1864653

Work site

Up to 50% work from home

Travel

None

Role type

Individual Contributor

Profession

Security Engineering

Discipline

Security Assurance

Employment type

Full-Time

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.

As a Senior Security Engineer, you will be responsible for evaluating the security posture of services, applications, and infrastructure across the organization. You will lead technical reviews, assess threat models, validate security controls, and collaborate with engineering teams to ensure alignment with security standards and best practices.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

• Bachelor’s or Master’s degree in Computer Science, Engineering, or related field.
  
• 7+ years of experience in security engineering, threat modeling, or secure software development.
  
• Good programming knowledge in C, C++, C#, Python, PowerShell, or JavaScript.
  
• Solid understanding of SDL processes, vulnerability assessment, and secure design principles.
  
• Familiarity with reverse engineering tools, debuggers, disassemblers, and sandbox environments.
  
• Experience conducting security reviews across cloud platforms
  
• Ability to articulate security risks and remediation strategies to engineering teams.

Preferred Qualifications

• Knowledge of cloud security and modern threat landscapes.
• Experience with security automation and internal tooling.
• Strong interpersonal and cross-functional collaboration skills.

#AzureSecurity #DevSec

Security Reviews & Threat Modeling

• Conduct structured security reviews across services and platforms.
• Lead and facilitate threat modeling sessions to identify and mitigate risks.
• Validate architectural decisions against security principles such as least privilege, isolation, and defense-in-depth.

Security Assurance & Compliance

• Ensure adherence to secure development lifecycle (SDL) requirements.
  Review code, configurations, and deployment pipelines for security gaps.
• Track and manage exceptions, remediation plans, and compliance metrics.
• Technical Analysis & Risk Evaluation
• Analyze authentication and authorization flows, token management, and identity usage.
• Evaluate risks in integrations, connectors, and third-party dependencies.
• Provide actionable recommendations to reduce attack surface and improve resilience.

Tooling & Automation

• Contribute to the development and enhancement of internal security tools.
  Support automation of review workflows, privilege analysis, and credential hygiene.
• Leverage data and AI-driven insights to scale security assurance efforts.

Collaboration & Enablement

• Partner with engineering, product, and compliance teams to align on security goals.
• Mentor junior reviewers and support onboarding through documentation and knowledge sharing.
• Participate in security communities of practice and contribute to continuous improvement.