Location: Redmond, Washington
Posted: November 17, 2017
Reference ID: 1081255
The New Experience and Technology (NEXT) Team is inventing the world’s most advanced experiences across our devices and developing creative new scenarios based on future form factors and customer-led product design. You will be a security manager, accountable for ensuring the security of our experiences.
Do you like to see how you can break things? Do you want to be necessary to our success, saving Microsoft from releasing insecure solutions? Is it exciting to you to be the technical leader of a tenet for a 1,000-person organization? We want to work together with folks that think this way, making a big difference in the quality of our software.
We will make our software more secure. You’ll be responsible for working with others by performing code reviews, fuzzing, and analysis of new and evolving file types and parsers. You’ll perform security research and threat assessment in the emergent technology fields that we are working with. Additionally, you’ll work with multiple teams to ensure that SDL compliance requirements are met. You will champion security initiatives through innovating in shared technology and driving efficient processes. Your work will directly impact a dozen Microsoft apps and hundreds of developers.
We’ll also work together to:
• Utilize and build tools to aid in security compliance.
• Aid teams to securely innovate in their processes and products.
• Evangelize security awareness and standard methodologies across the organization.
3 years of software industry experience
•BSc, BEng, or MS in Computer Science or equivalent experience.
•5+ years as a professional in the information security field.
• Communicate both in written form and orally.
• Strong interpersonal skills with emphasis on influencing and evangelizing to help build consensus and coalition.
• Ability to work against deadlines.
• Motivate yourself with a drive for quality.
• A ‘can-do’ attitude. Communicate with all levels of organization and ability to explain deep technical concepts to both non-technical and technical staff
• Complete tasks in a timely manner, achieving compromises with other disciplines as required to hit deadlines.
• Very strong analytical skills
• Previous security engineering, threat modeling, and testing experience
• Previous experience with fuzzing, code analysis, and/or vulnerability/exploit research and discovery
• Previous experience with SaaS security engineering
• Ability to assess software suitability and quality from security perspective
• Understanding of threat modeling and SDL
• Knowledge of modern application services technologies and associated vulnerabilities, reviewing, and testing
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to firstname.lastname@example.org