Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Microsoft Security Engineer II 
United States, Washington 
748788305

25.06.2024

Required/Minimum Qualifications

  • 3+ years experience in hands-on penetration testing and in identifying security vulnerabilities.
  • 3+ years experience in cyber security.
  • 1+ years of experience in working collaboratively, solving problems with groups, finding win/win solutions and celebrating successes.

Other Requirements

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:

  • This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred/Additional Qualifications

  • 1+ years of experience and understanding of security in Microsoft Azure or any of the major Cloud providers.

  • 1+ years of experience in threat modeling, security reviews and security assurance.

  • 1+ years experience coding in C/C++, dotnet, JavaScript, Python, SQL, or others, with expertise in troubleshooting and debugging skills.

  • An understanding of security knowledge around native applications, web applications, distributed and database systems.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:Microsoft will accept applications for the role until June 26, 2024.


Responsibilities

As a Security Engineer II you will:

Security Assurance

  • Understand current security trends and vulnerabilities.
  • Participate in security design reviews and threat model reviews prior to the release of new products or features, communicating clearly the different security options and tradeoffs.
  • Deliver broadly available security trainings based on learnings from previous exercises or incidents.

Penetration Testing

  • Ramp up and understand new designs, systems, and technology as they are built.
  • Participate in comprehensive assessments of features and large-scale applications and environments. This includes mapping out the surface area and assessing prioritization based on time, resource, and general importance tradeoffs.
  • Find vulnerabilities in various spaces such as web applications, native applications, database systems, authentication flows, distributed systems and designs, and protocols. Pulling from a flexible knowledgebase of topics such as OWASP, memory corruption, privilege escalation, networking, and etc. to find both common and uncommon issues.

Embody our and