Key skills
C++C
About this role
Microsoft is looking for a learn-it-all security engineer to help secure Microsoft Windows products and devices, focusing on offensive security and security engineering. The role involves uncovering attack vectors, developing mitigations, and collaborating with product engineering teams to enhance Windows security.
Responsibilities:
- Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
- Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
- Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
- Leverage a broad and current understanding of security to devise new protections
- Interact with the external security community and security researchers
- Collaborate with product teams to improve security, and articulate the business value of security investments
Requirements:
- Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in security or related field
- OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in security or related field
- OR equivalent experience
- Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
- 2+ years identifying vulnerabilities in operating systems and/or native (C/C++) applications
- 5+ years of experience in a software engineering or security-related engineering
- Public track record of relevant security research, especially around vulnerability discovery
- Experience exploiting bugs and bypassing security mitigations in operating systems
- Familiarity with Microsoft Windows architecture