Senior Software Engineer

Empower every person and organization on the planet to achieve more. That’s what inspires us, drives our work and pushes us to challenge the status quo every day. Through our Mobile-first, Cloud-first strategy, we strive to deliver solutions that are optimized for the world and enable customers to drive their business more successfully. At Cloud + Enterprise (C+E) we help customers power their solutions using the Microsoft Cloud. The scale of platforms and services we are building are among the largest in the world by far. From core cloud computing platform development to the services running on them, we do it all. The Identity Isolation Services team is investing in building Azure Public Key Infrastructure which is aimed at operating as a public Certificate Authority. Digital certificate is a cornerstone for security. Security is constantly evolving, and we need software engineers who aspire to be at the forefront of it.

Do you bring clarity, create energy, and enjoy driving results? Are you passionate about how to help make the (digital) world a safer place? The Identity Isolation Services team is seeking a talented senior software engineer who will transform how Azure engineers manage, distribute and automate handling of digital certificates; a cornerstone of digital security. Eliminating manual interventions in managing digital certificates significantly reduces security risks. The OneCert investment, also by the Identity Isolation Services team, is aimed at building a single point of access for human operators and services dealing with digital certificates, i.e. creating, deploying and managing certificates. OneCert’s vision is to act as a Registration Authority in the Azure PKI. The Azure PKI is a critical component for isolating Azure services from being managed by Microsoft’s corporate identities. The net outcome of all these investments is to ensure that Azure Management Environment in one of the most secure cloud environments.

-Create and execute on the development plan for building Azure Public Key Infrastructure as a public Certificate Authority
-Create and execute on the development plan for building OneCert as the Registration Authority in the Azure PKI.
-Scale and performance testing as OneCert is expanded to all Azure services.
-Security detection and monitoring.
-Reducing onboarding cost along with Live Site improvements.
-Build and innovate critical cloud security services powering the future of secure cloud computing.
-Create and manage security services with an Assume Breach mindset enabling detection and response of targeted attacks and persistent adversaries.
-Analyze complex authorization and authentication problems, identify and design solutions, and make high-impact improvements in close collaboration with other engineers both across the C+E division and throughout Microsoft.
-Develop large-scale integrated security services with enterprise-class quality and utilize your design, customer obsession, and communication skills to bring great experiences for all users.

Basic Qualifications:
-8+ year of software development experience.
-4+ years of services development experience.

Preferred Qualifications:
-Experience with one or more general purpose programming languages including but not limited to: C#, C++ or Java.
-Experience with developing or managing Public Key Infrastructure.
-Experience with owning or driving large scale services, components or feature areas.
-Demonstrated excellence in coding, code review and technical communication documentation.
-BA/BS in Computer Science (or relevant work experience).
-Experience with ASP.NET MVC Core.
-Experience with OCSP and Certificate Transparency.
-Experience with SSL/TLS.
-Experience optimizing automation, reliability and monitoring of LiveSite.
-Strong problem solving and analytical ability
-Strong customer focus and data driven approach
-End-to-end Delivery & Innovation
-Agility in fast paced environment

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to