Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Microsoft Senior Application Security Engineer 
United States 
399804259

30.07.2024

Employee engagement is in flux as a result of economic, demographic, and societal changes.

About this job

is responsible for

to hire a Senior Application Security Engineer to be based in our Mountain View, CA OR Redmond, WA location. As an engineer on the team, you willbe responsible for

our culture every day.

Required Qualifications:

  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field
    • OR 5+ years experience in software development lifecycle, large scale computing, modeling, cyber security, anomaly detection
    • OR equivalent experience.
  • 4+ years of experience in application Security engineering/Privacy engineering.

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:

  • Citizenship & Citizenship Verification : This role will require access to information that is controlled for export under export controlregulations, potentially under the U.S. International Traffic in Arms Regulations or Export Administration Regulations, the EU Dual Use Regulation, and/or other export control regulations.  As a condition of employment, the successful candidate will be required toprovide proof of citizenship, U.S. permanent residency, or other protected status (e.g., under 8 U.S.C. § 1324b(a)(3)) for assessment of eligibility to access the export-controlled information. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport. Lawful permanentresidents, refugees, and asylees may verify status using other documents, where applicable.This position requires verification of citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local [or applicable country] government agency customers and is subject to certain citizenship-based restrictionswhere required or permitted by applicable law. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport.
  • Microsoft Cloud Background Check : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

  • Experience with Security and Privacy threat modeling new features.
  • Experience with application security standards such as OWASP ASVS/Top 10, CWE 25.
  • Experience with common security libraries, security controls, and common security flaws.
  • Outstanding collaboration and partnership skills, with proven ability to drive results across teams.
  • Understanding of Responsible AI, Privacy and Compliance regulations such as GDPR, CPRA, SOC 2, ISO27k and others.
  • Experience of Privacy, Compliance, ResponsibleAIand Security audits.
  • Familiarity with web proxies such as Burp, OWASP ZAP or Fiddler.
  • Development or scripting experience. Java, Ruby, Ruby on Rails,GraphQL, REST.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until August 04, 2024.

Responsibilities
  • dataand clients, through code reviews and automation.
  • Implementing Privacy, Responsible AI and Security controls and checkpoints to detect and prevent issues early in the software development lifecycle.
  • Work with engineering and product teams in the design phase of products and features, conducting threat modeling and performing security architecture and design reviews.
  • Help engineering and product teams to understand Security, ResponsibleAI ,Complianceand Privacy requirements.
  • On-call support for escalations.
  • Implementing defense in depth mechanisms to prevent Security and Privacy vulnerabilities.
  • Embody ourand