Senior Security Engineer

The Substrate Auth Quality and Defense team focuses on safeguarding authentication and access control mechanisms. The role involves working on security assessments, threat modeling, risk assessment, and security tooling to reduce risks and improve operational efficiency in identity and authentication security.

Required Qualifications:

• Master's or Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field with experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection.
• OR equivalent experience.

Other Requirements:

• Ability to meet Microsoft, customer, and/or government security screening requirements.
• Must pass Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

• Enterprise experience in the required fields and qualifications.

Conducting Research:

• Lead efforts to clean, structure, enrich, and standardize data for analysis while ensuring privacy compliance.
• Research critical security areas, vulnerabilities, attacks, and adversary tracking.
• Partner cross-functionally to design solutions to prevent, detect, and disrupt attacks.
• Leverage AI workflows to understand research operations and identify protection opportunities.
• Analyze complex issues using multiple data sources to identify vulnerabilities and threats.
• Recommend process improvements and best practices.

Industry Leadership:

• Identify potential security issues, tools, mitigations, and processes.
• Maintain knowledge of industry trends, technologies, and advances.
• Contribute to internal and external communities through publications and conferences.
• Develop deployment and security configuration standards.

Orchestration:

• Ensure integrity of security tools and practices.
• Assess operational security measures like red teaming and penetration testing.
• Investigate, diagnose, triage, and remediate security incidents.
• Conduct postmortem and root cause analyses for security incidents.
• Lead large-scale security reviews and synthesize findings.
• Implement best practices for security architecture and design.
• Monitor and respond to security events and compliance issues.

Solution Generation:

• Solve technical implementation and automation issues related to security.
• Identify, prioritize, and address security issues and lead mitigations.
• Gather and synthesize feedback from customers and partners.
• Contribute to guidelines and best practices for security products like Microsoft Defender and Microsoft Sentinel.

Ability to meet Microsoft, customer, and/or government security screening requirements including passing the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer and provides accommodations for disabilities and religious practices during the application process.