Experience Inc. Jobs

Security is foundational to all product and service offerings from Microsoft. WebXT needs an experienced security professional with a deep-rooted passion in identifying security issues before they impact millions of users. As part of the Web Experiences (WebXT) Security team, you will collaborate with product engineering to innovate software design to defend against a continued and emerging security threat landscape.

As a core member of the Application Security team you will advise teams on critical security design elements, proactively identify architectural vulnerabilities and collaborate on solutions and design modifications to improve the overall security posture of WebXT offerings. You will partner with product engineering, pen testers and security personnel, acting as a subject matter expert and mentor to others on the security discipline.

Start your journey with Copilot, Edge, Microsoft Search and Bing, Microsoft News, Microsoft Maps and Microsoft Advertising today!

Responsibilities

• Provide security guidance, specify app security controls, evaluate existing security controls, host threat modelling exercises with teams responsible for new services, apps, features, API’s, devices, and third-party connections.

• Specify new security controls needed to reduce risks identified from security reviews and threat modelling exercises or from security incidents and specify these new controls as requirements to be added the organization’s SDL process.

• Proactively research new technologies, make technology recommendations.

• Drive and cultivate a positive culture of security across the engineering teams. Train product engineering to recognize bad patterns and innovate ways for developers to learn to identify security bad practice.

• Work with our security engineering team and product teams to identify, define and implement security controls and automation

Qualifications

Required Qualifications:

• 2+ years experience in security development and engineering, security consulting, or network and/or application penetration testing.

• 2+ years of hands-on and strong experience with the Security Development Lifecycle (SDL), or project managing large scale deployments.

• Experience conducting security assessments on mobile apps, cloud services running on variety of operating systems including containers.

• Bachelor’s degree in computer science or closely related discipline, or equivalent experience.

Preferred Qualifications:

• Coding skills in one or more general purpose scripting languages.

• Deep knowledge in common classes of software vulnerabilities such as XSS, CSRF, SQLi, OWASP Top 10, cryptographic attacks and beyond.

• Experience managing security or privacy compliance related engineering programs.

• Experience managing security infrastructure and operational security.

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .