Microsoft Corporation Senior Software Engineer (Red Team Operator) in Austin, Texas
This position is open to flexibility on location. (remote work)
Do you enjoy breaking things technically but are also capable of providing insight into fixing issues at scale? Do you have a passion for all kinds of offensive security work? What about the opportunity to work at the kind of scale most companies only dream of?
Are you looking for a challenge that puts you at the center of the Microsoft Edge + Platform, Devices, and Gaming Security? Are you passionate about solving the security challenges of critical online services? Then this is an opportunity you may be interested in.
Microsoft's EDG Security (Edge + Platform, Devices, and Gaming) team is responsible for some of Microsoft's largest and most influential online services, including Xbox LIVE, Microsoft Game Studios, and more. The EDG Services Pentest (SERPENT) Red Team needs a Security Software Engineer to increase the security posture of our business partners.
We have a world-class offensive security team that helps to ensure a secure experience for billions of users all over the world. Our team is primarily focused on identifying systemic vulnerabilities across application, network, and operational security domains. We work closely with both our product and defense teams, providing an offensive perspective to their business.
Our goal is to continuously improve the security posture of the organization by emulating our real-world adversaries. The primary responsibilities of this role include:
Red Team: Lead and participate in covert penetration testing engagements in order to emulate real-world adversaries including Nation-States and Organized Crime. Reconnaissance, Exploitation, and Post-Exploitation techniques should be used until the goals are accomplished, preferably undetected.
Purple Team: Lead and participate in overt penetration testing engagements in order to emulate real-world adversaries including Nation-States and Organized Crime. Open collaboration with our product teams, environment owners, and defensive teams is expected in order to comprehensively understand the target and provide guidance on how to improve their overall security posture through design changes, mitigations, security controls, and detections.
Between engagements:Research: Perform research to stay current with bleeding-edge application security, offensive, and defensive tools, tactics, and procedures.
Training: Leverage the output of this research for training and awareness across EDG.
Tool Development: Create tooling to automate research results and common Red Team tasks.
Combine efforts with other teams to keep scaling up our operations and increase the security posture of all Microsoft services.
Successful candidates will have:
BS or MS in Computer Science, a related field, or equivalent experience
A minimum of 5+ years of experience performing offensive security engagements (Experience leading offensive engagements is highly desired)
Strong experience in Windows and Linux.
Strong Operational Security skills
Solid Networking/Identity Isolation Active Directory, and Linux skills
Experience reverse engineering Native and Managed Code
Experience testing web services, identifying and remediating OWASP top 10 security flaws, and understanding large, complex systems quickly
OSCP/OSCE/GIAC certifications are desired
Solid verbal and written communication skills
Solid teamwork and cross-group collaboration skills
Able to deal with ambiguity
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
- Microsoft Corporation Jobs