Principal Security Engineer

Share job

Microsoft Research is building new tools to automate the search for unknown malicious software. We are the growing, evolving team behind Microsoft’s Project Ire, Acquire Volatile Memory for Linux (AVML), OneFuzz, Project Freta, and other new security tooling initiatives. The goal of our group is to make a difference for Microsoft’s customers by building high-trust discovery mechanisms into Azure, the world’s computer. Our group builds and sometimes Open Sources memory-safe security tooling with the Rust language. We work with the latest foundation models to create Artificial Intelligence (AI)-powered reverse engineering and malware discovery tooling. Our distributed team includes remote work opportunities and regularly interfaces with engineering teams across the globe. We invite you to consider joining our team as we learn together.

In this role, you will be part of a collaborative team environment involved in rapid prototyping, compatibility engineering, and the invention of new capabilities in the security space.

If you’re a passionate security professional with an interest in automating reverse engineering and software exploration, learning or continuing with Rust, or building a more trustworthy cloud - please seek out this role.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Required Qualifications

• Bachelor's Degree in Computer Science, or related field AND 6+ years experience in security or related field
  • OR Master's Degree in Computer Science, or related field AND 4+ years experience in security or related field
  • OR equivalent experience.
• Experience with Python Programming Language.

Preferred Qualifications

• Experience developing software in or an interest in learning the Rust programming language.
• Experience with reverse engineering or source code analysis, or an interest in learning these skills.
• Experience developing agentic systems for security.
• Experience in Windows (Operating System and apps) security.
• Experience with volatile memory forensics tools.
• Experience with static analysis tools.

Penetration Testing IC5 - The typical base pay range for this role across the U.S. is USD $139,900 - $274,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000 - $304,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until September 22, 2025.

#Research

• Design and develop new agentic methods of interaction with reverse engineering tools.
• Harness reverse engineering tools for automated use.
• Gain expertise in using and developing automated reverse engineering frameworks.
• Work with real-world malicious software as test data.
• Participate in communications and research outreach.
• Develop software in Rust and Python in cloud-native environments including containers.

• Embody our culture and values.