Microsoft Corporation is an American multinational corporation and technology company headquartered in Redmond, Washington. Its best-known software products are the Windows line of operating systems, the Microsoft 365 suite of productivity applications, the Azure cloud computing platform, and the Edge web browser.
Software Engineering IC3
Overview
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity.
Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions.
The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate.
Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Secure Admin Services organization, part of the Chief Information Security Officer (CISO) Organization, is seeking a passionate Software Engineer to deliver high-quality services and products.
The ideal candidate will have proven software development experience and the ability to translate business problems into solutions while maintaining a focus on security, resilience, scale and customer experience. Our Secure Admin Services organization manages the entire stack from custom application development to identity and security products/tooling, as well as the underlying infrastructure.
We also own the Secure Admin Workstation product and collaborate closely with other product teams across Microsoft to continuously improve the experience while maintaining our critical security posture. Our team has won the CSO50 award twice for High-Risk Environments and Secure Admin Workstations and continues to be a key area of investment as we align with Microsoft’s Security. If you are passionate about writing scalable software and enjoy building and implementing next-generation security and resilience solutions at scale, we have a great opportunity for you.
This position requires a strong development background and the ability to collaborate with domain experts, architects, and senior technical members throughout the program life cycle. In this role, you will be a team player with a keen eye for detail and problem-solving skills.
Experience in Agile frameworks and popular coding languages is highly desirable. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals.
Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Qualifications
- Master’s or bachelor’s degree in engineering/computer science.
- 4-6 years of professional software engineering experience designing, developing, and running enterprise applications.
- Experience in Object Oriented Programming, .NET framework, ASP.NET, MVC, Web API, C#, and SQL Server Programming along with experience in cloud services (Azure/ AWS)
- Good to have experience in the latest versions of scripting languages like React, Angular JS, PowerShell etc. and exposure to TFS/VSO and Git.
- Familiarity with SOA, distributed systems, and event driven architectures.
- Excellent coding skills, strong in OOPS, OOAD, design patterns and their application.
- Good understanding on security aspects of software like authentication, authorization, encryption, etc.
- Ability to both work independently and coordinate across geographies.
- Ability to communicate complex ideas and concepts to a variety of cross-group stakeholders.
- Strong organization skills, a bias for action, and ability to deliver results.
- Proven ability to deal with ambiguity and drive for clarity.
- Demonstrated ability to work efficiently, prioritize workflow, ramp quickly, and meet demanding deadlines.
Preferred Qualifications:
- Familiar with modern security models like OAuth and token-based authentication and authorization.
- Experience building and shipping production grade software or services.
- Experience using agile methodologies or test-driven development (TDD).
- Security and Identity domain experience.
- Familiarity with Machine Learning and applied AI concepts
Responsibilities
- Be responsible for owning multiple services, architecting them to scale, and have robust unit tests to deliver high quality products.
- Design and implement microservices to enable real time, highly scalable, performant, and sustainable solutions.
- Stay abreast of new techniques, tools and methodologies used to address the critical developmental areas.
- Use engineering best practices throughout the software development lifecycle to establish maintainable, reliable, and secure systems.
- Manipulate, collate, and analyze complex, high dimensional data from varying sources to solve difficult problems.
- Work in a culture of continuous improvement, adaptation, reflection, and growth.
- Provide on call support and monitor the health of services in production as part of DevOps culture.
- Design, develop, test, deploy, maintain, and improve applications to support the business to drive and enable security across systems.
- Work closely with business and engineering partners during early SDLC phases to understand the business capabilities and goals for the program.
Cloud Solution Architect – Security
Overview
Cloud Solution Architect (CSA) Security is accountable in ensuring customers get values from Microsoft security solutions. Primarily will be working on stage 4 to 5 of Microsoft Customer Engagement Methodology (MCEM) – the consumption, operationalibility, and value realization of the solution; the CSA will be central in ensuring consumption of Azure (i.e. M365 E5, Defender for Cloud, Sentinel, Purview) and Unified support services through Value Based Delivery (VBD).
Qualifications
Required/Minimum Qualifications
- Bachelor’s Degree in Computer Science, Information Technology, Engineering, Business, or related field AND 7+ years experience in cloud/infrastructure technologies, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting
- OR equivalent experience.
- Good understanding of Microsoft 365 Defender Suite, Microsoft Defender for Cloud, Microsoft Sentinel, Microsoft Entra ID, IaaS, Network Security, Data Security
- Subject Matter Expertise in two or more of the following security solutions: Threat protection, SIEM and Incident Response; Extended Detection and Response (XDR); Security Orchestration, Automation, and Response (SOAR); Security Operation Center Management; Identity and Access Management; Cloud Infrastructure; Cloud Security; Data Security.
- OR
- This person will be a trusted advisor for customers attempting to secure their entire data estates against internal and external data risk. Microsoft Purview’s integrated Data Security services support customers holistically securing data by:
- Protecting Sensitive Data using data classification, sensitivity labelling and encryption policies.
- Managing Insider Risks using machine learning detection controls and indicators, adaptive protection to dynamically enforce controls and advanced privacy controls
- Preventing Data Loss using built in exfiltration policies for Microsoft 365 apps, services and endpoints.
- AND
- Programming experiences, using Microsoft Information Protection SDK (e.g. PowerShell, C#, Python)
- Desired Microsoft Technology & Industry Equivalent. Certification in one or more of the following areas:
- Microsoft 365 Security Administrator, Microsoft Security Operations, Cloud Security, CCSP, CEH, OSCP, GSEC.
- Technical Certification in Microsoft SC-400 – Microsoft Information Protection Administrator)
Additional or Preferred Qualifications (PQs)
- Master’s Degree in Computer Science, Information Technology, Engineering,
- OR related field AND 8+ years experience in technology solutions, practice development, architecture, consulting, and/or cloud/infrastructure technologies
- OR Bachelor’s Degree in Computer Science, Information Technology, Engineering,
- OR related field AND 10+ years experience in technology solutions, practice development, architecture, consulting, and/or cloud/infrastructure technologies
- OR equivalent experience.
- 4+ years technical sales experience.
- 4+ years project management experience.
Security Research: Internship Opportunity
Overview
Come build community, explore your passions and do your best work at Microsoft with thousands of University interns from every corner of the world. This opportunity will allow you to bring your aspirations, talent, potential—and excitement for the journey ahead.
We are building a cutting-edge Cloud solution that gives customers visibility and control without impeding agility and helps them stay ahead of cyber threats as they evolve. You will join the group that is responsible for advanced threat detection capabilities, leveraging machine learning and behavioral profiling to detect emerging threats and advanced attacks by engineering a hyper-scale service to defend millions of hosts.
At Microsoft, Interns work on real-world projects in collaboration with teams across the world, while having fun along the way. You’ll be empowered to build community, explore your passions and achieve your goals. This is your chance to bring your solutions and ideas to life while working on cutting-edge technology.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Qualifications
Required/Minimum Qualifications
- Currently pursuing a Bachelor’s or Master’s Degree in Statistics, Mathematics, Computer Science or related field
Responsibilities
• Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
• Begin to analyze threat trends and anomalies to determine operational impact. Determine vectors that introduce threat and potential mitigation strategies. Learn about systemic security issues and how to address them.
• Process threat reporting from internal and external sources. Provide discrete threat data based on intelligence requirements or customer requests.
• Identify security defects or vulnerabilities and deficiencies in security guidance.
• Contribute code to technical implementation and automation of solutions to address security issues, such as signature detection, malware, threat analysis, or reverse engineering. Use results from research and experimentation to support architecture or product direction.
• Identify areas of dependency and overlap with other teams or team members. Provide constructive input so the work is integrated and timely. Communicate the status of deliverables and dependencies to meet schedule.
• Engage in measures to protect tools, techniques, information, and results of security practices. Respond to incidents for systems or products as needed. Use results of pen testing to improve products and services.
Penetration Testing: Internship Opportunity
Overview
Come build community, explore your passions and do your best work at Microsoft with thousands of University interns from every corner of the world. This opportunity will allow you to bring your aspirations, talent, potential—and excitement for the journey ahead.
As a Penetration Testing Intern, under supervision, you will identify problems and vulnerabilities through application of engineering to dynamically penetrate software, hardware or human systems. You will work on efforts that results in security bug discovery, exploitation and suggested security controls and mitigations in response to security flaws. These efforts will include building innovative software to identify the problems and you will have oppurtunity to learn new technologies, tools , methods. You will develop and implement pen testing strategies and apply your expertise to engineer solutions. You will help influence mitigations for current and future products and solutions.
At Microsoft, Interns work on real-world projects in collaboration with teams across the world, while having fun along the way. You’ll be empowered to build community, explore your passions and achieve your goals. This is your chance to bring your solutions and ideas to life while working on cutting-edge technology.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Qualifications
Required Qualifications
• Currently pursuing a Bachelor’s Degree in Statistics, Mathematics, Computer Science or related field
• Must have at least one additional quarter/semester of school remaining following the completion of the internship
Preferred Qualifications
• Currently pursuing a Master’s Degree in Statistics, Mathematics, Computer Science or related field
• CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and/or Security+ certification
Responsibilities
• Identifies security vulnerabilities within specialty/area or responsibility.
• Able to come up to speed on new targets with the help of others.
• Apply engineering principles to solve complex problems through sound and creative engineering.
• Leverages known information channels to gain context.
• Corroborates guidance against real world observations, determines and understands scope of potential impact and identifies variance or instances of known issues.
