Microsoft Principal Security Engineer 

Taiwan, Taoyuan City 

968328325

Qualifications - Required:

• Bachelor's Degree in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 6+ years related experience (e.g., statistics, predictive analytics, research)
  • OR Master's Degree in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 4+ years related experience (e.g., statistics, predictive analytics, research)
  • OR Doctorate in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 3+ years related experience (e.g., statistics, predictive analytics, research)
  • OR equivalent experience.
• 6+ years designing and operating production cloud infrastructure, of which 3+ years were dedicated to hands-on security research (e.g., adversary simulation, log analysis, ) that drove new detections or mitigations.
• Prodicient coding ability in at least one modern language (Python, Go, or comparable) and deep proficiency in infrastructure-as-code frameworks (e.g., Terraform, ARM/Bicep, or CloudFormation).
• 3 + years hands-on experience building red-team ranges or adversary-simulation labs—including the automation of attacker tooling, control channels, and safety guardrails.
• Demonstrated multi-cloud fluency (Azure required, plus working knowledge of AWS and/or GCP) spanning identity, networking, and logging services.
• Proven history of mentoring or guiding other engineers and partnering cross-discipline with security researchers, applied scientists, or SOC teams to turn threat hypotheses into reproducible cloud environments.

Other RequirementsAbility to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications

• Proven record of shipping open-source security tooling or presenting original research at conferences such as Black Hat, DEFCON, BSIDES or others.
• Experience applying large-language models or multi-agent frameworks to security automation, adversary simulation, or detection engineering.
• Verbal and written communication skills with the ability to convey complex security concepts effectively.
• Previous project management skills with a proven track record of driving projects to completion.

• Architect, automate, and harden multi-cloud research environments via infrastructure-as-code, baking in security controls, policy-as-code guardrails, and one-click teardown to enable rapid, cost-efficient iteration.
• Engineer telemetry pipelines that let AI-driven adversary simulations run safely at scale, capturing identity, network, and endpoint signals as labeled ground-truth datasets for detection and model training.
• Collaborate closely with security researchers, red-teamers, and applied scientists to translate attack hypotheses into reusable IaC modules and cloud-native patterns that replicate real-world campaigns.
• Iterate on simulation frameworks—reducing environment spin-up time, broadening scenario coverage across new cloud services, and embedding detection hooks for blue-team validation.
• Instrument environments with end-to-end observability dashboards that surface reliability, performance, and spend, driving continuous optimisation of lab operations.
• Evangelise best practices through internal workshops, open-source contributions, and conference presentations, mentoring engineers and advancing the state of secure cloud research infrastructure.