

Required Qualifications:
Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field
OR equivalent experience.
3+ years of experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
3+ years of experience in a hands-on security role, with demonstrable software engineering skills.
3+ years of demonstrated coding skills in one or more popular languages and platforms - such as C#, Java, C++, JavaScript/Typescript, SQL, assembly, Ruby, Python, GoLang.
3+ years of technical experience with multiple classes of vulnerabilities - such as cross-site scripting, buffer overflows, SQL injection, TOCTOU (Time of Check Time of Use) vulnerabilities, crypt ographic weaknesses, insecure direct object references.
Preferred Qualifications:
Bachelor's Degree in Statistics, Mathematics, Computer Science. Engineering, or related field AND 8+ years experience in security or related field
OR Master's Degree in Statistics, Mathematics, Computer Science, Engineering or related field AND 6+ years experience in security or related field
OR equivalent experience.
Experience in technical disciplines outside the security space, including general software
development, networking, database management, big data and full-stack development.
Ability to pick up new languages, platforms, and frameworks platforms quickly.
Ability to communicate about them to technical and non-technical audiences.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:Microsoft will accept applications for the role until September 5th, 2024.
Vulnerability discovery, variant hunting, and penetration testing: Using the best available and most appropriate methodologies - such as threat modeling, penetration testing, security design analysis, fuzzing, SAST and DAST - you will conduct in-depth assessments of selected target systems in detail to identify vulnerabilities and weaknesses. You'll also perform variant hunting looking for larger patterns, conduct qualitative and quantitative analysis over those patterns, and drive solutions upstream in a data-driven, shift-left fashion.
Solution design and delivery: You will help design solutions for security problems, partner with service teams and other security stakeholders to ensure rapid adoption of solutions and mitigation of threats from beginning to end.
Threat modeling / Architecture reviews: You will review the design of services from a security perspective to identify vulnerabilities and weaknesses in the architecture, make appropriate recommendations, and guide teams to implement those recommendations.
Software Development: You will prototype and create tools and scanners to automate the discovery and prevention of vulnerabilities across Azure services.
Follow through and closure: You will partner with engineers, product and program managers, and leaders around the company to ensure the successful completion of work to address your findings.
: Embody our
משרות נוספות שיכולות לעניין אותך