Senior Software Engineer (Red Team Operator)

Posted 7 days ago
Main Location
Redmond, WA, United States
Open jobs

This position is open to flexibility on location. (remote work)

 

Do you enjoy breaking things technically but are also capable of providing insight into fixing issues at scale? Do you have a passion for all kinds of offensive security work? What about the opportunity to work at the kind of scale most companies only dream of?

 

Are you looking for a challenge that puts you at the center of the Microsoft Edge + Platform, Devices, and Gaming Security? Are you passionate about solving the security challenges of critical online services? Then this is an opportunity you may be interested in.

 

Microsoft's EDG Security (Edge + Platform, Devices, and Gaming) team is responsible for some of Microsoft's largest and most influential online services, including Xbox LIVE, Microsoft Game Studios, and more. The EDG Services Pentest (SERPENT) Red Team needs a Security Software Engineer to increase the security posture of our business partners.

 

We have a world-class offensive security team that helps to ensure a secure experience for billions of users all over the world. Our team is primarily focused on identifying systemic vulnerabilities across application, network, and operational security domains. We work closely with both our product and defense teams, providing an offensive perspective to their business.

Responsibilities

Our goal is to continuously improve the security posture of the organization by emulating our real-world adversaries. The primary responsibilities of this role include:

Red Team: Lead and participate in covert penetration testing engagements in order to emulate real-world adversaries including Nation-States and Organized Crime. Reconnaissance, Exploitation, and Post-Exploitation techniques should be used until the goals are accomplished, preferably undetected.


Purple Team: Lead and participate in overt penetration testing engagements in order to emulate real-world adversaries including Nation-States and Organized Crime. Open collaboration with our product teams, environment owners, and defensive teams is expected in order to comprehensively understand the target and provide guidance on how to improve their overall security posture through design changes, mitigations, security controls, and detections.


Between engagements:Research: Perform research to stay current with bleeding-edge application security, offensive, and defensive tools, tactics, and procedures.


Training: Leverage the output of this research for training and awareness across EDG.
Tool Development: Create tooling to automate research results and common Red Team tasks.
Combine efforts with other teams to keep scaling up our operations and increase the security posture of all Microsoft services.

Qualifications

Successful candidates will have:

  • BS or MS in Computer Science, a related field, or equivalent experience
  • A minimum of 5+ years of experience performing offensive security engagements (Experience leading offensive engagements is highly desired)
  • Strong coding skills including C/C++, C# & ASP.Net, JavaScript, PowerShell, and Python in both X86 and X64 environments
  • Strong experience in Windows and Linux.
  • Strong Operational Security skills
  • Solid Networking/Identity Isolation Active Directory, and Linux skills
  • Experience reverse engineering Native and Managed Code
  • Experience testing web services, identifying and remediating OWASP top 10 security flaws, and understanding large, complex systems quickly
  • OSCP/OSCE/GIAC certifications are desired
  • Solid verbal and written communication skills
  • Solid teamwork and cross-group collaboration skills
  • Able to deal with ambiguity

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

 

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

 


Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

Mission
We're a community of women leveraging our connections into top companies to help underrepresented women get the roles they've always deserved. Simultaneously, we work to build truly inclusive hiring processes and environments where women can thrive and not just survive.
Are you hiring? Join our platform for diversifiying your team
Senior Software Engineer (Red Team Operator)
Microsoft Corporation