Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Microsoft Senior Cloud Security Researcher – EPSF IL 
Israel, Tel Aviv District 
46960723

25.06.2024

Required/Minimum Qualifications

    • 8+ years of hands-on experience in offensive security research, with 2+ years focus on cloud environments.
    • Proven track record of discovering and responsibly disclosing security vulnerabilities.
    • Expertise in cloud security technologies, including Azure, AWS, GCP and similar.
    • Proficiency in multiple programming and scripting languages.

Other Requirements:

    • Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Advanced degrees are a plus.
    • Strong written and verbal communication skills, with the ability to convey complex security concepts to both technical and non-technical audiences.
Responsibilities
    • Research and discover zero-day vulnerabilities in cloud environments and associated technologies. Develop and implement proof-of-concept exploits to demonstrate potential risks and work closely with engineering teams to address findings.
    • Conduct in-depth threat modeling exercises to identify security risks and vulnerabilities in Microsoft's cloud infrastructure. Collaborate with cross-functional teams to assess the impact of identified threats and propose mitigation strategies.
    • Design and execute sophisticated penetration tests against Microsoft's cloud services, simulating real-world attack scenarios. Provide detailed reports outlining vulnerabilities, exploitation techniques, and recommended remediation steps.
    • Create and maintain cutting-edge vulnerability discovery, exploitation, and penetration testing tools in cloud environments. Stay abreast of the latest security research and integrate innovative techniques into the offensive security toolkit.
    • Collaborate with internal security teams to enhance overall security posture, including incident response and defensive security. Participate in knowledge-sharing initiatives, mentor junior team members, and contribute to the security community.