New job, posted less than a week ago!
Job Details
Posted date: Dec 22, 2025
Category: Security Assurance
Location: Multiple Locations, Multiple Locations
Estimated salary: $188,900
Range: $119,800 - $258,000
Employment type: Full-Time
Work location type: 0 days / week in-office – remote
Role: Individual Contributor
Description
OverviewThe Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.
Team Overview
Our team is part of Microsoft’s Product Security Engineering organization, focused on securing solutions for regulated industries. We are a group of 7 security engineers led by Mathieu Durand (Principal Security Engineering Manager), working collaboratively to:
Threat Modeling Excellence
Conduct weekly threat models to identify and mitigate risks early in the development lifecycleSecure Future Initiative (SFI) Compliance
Drive adoption of secure-by-default configurations, including managed identities and Defender for Cloud, ensuring production workloads meet compliance standards.Innovation & Automation
Integrate AI-driven tools and automation into workflows to improve efficiency and scale security processes.Collaboration & Inclusion
Operate under One Microsoft principles, fostering diversity and teamwork to deliver secure, compliant, and resilient solutions.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Responsibilities
Join a high-impact team dedicated to securing Microsoft products and services for regulated industries. This role focuses on proactive threat modeling, compliance enforcement, and driving secure-by-default principles across cloud and enterprise solutions.
Key Responsibilities
Threat Modeling & Risk Analysis
Identify and mitigate security risks early in the development lifecycle through structured threat modeling sessions.Compliance & Standards
Implement and validate security controls aligned with frameworks such as NIST 800-53, Secure Future Initiative (SFI), and industry regulations.Secure-by-Default Engineering
Advocate and enforce configurations like managed identities, Defender for Cloud, and network isolation for production workloads.Automation & Innovation
Develop scripts and leverage AI-driven tools to streamline security processes and scale threat modeling efficiency.Collaboration & Influence
Partner with engineering teams, product managers, and compliance stakeholders to embed security into design and delivery.
Qualifications
Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR equivalent experience. Preferred Qualifications:
Knowledge of cloud security (Azure preferred) and enterprise security principles.Hands-on experience with threat modeling, secure coding practices, and compliance frameworks.Proficiency in PowerShell/Python scripting for automation.Familiarity with NIST 800-53 controls, identity management, and network security.CISSP or equivalent certification.Experience with regulated industry requirements (e.g., financial services, healthcare).Exposure to AI-driven security tools and automation workflows.Communication and collaboration skills; ability to influence across teams.
Security Assurance IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
Check out other jobs at Microsoft.