Job Details
Posted date: Jan 28, 2026
Category: Security Operations Engineering
Location: Redmond, WA
Estimated salary: $222,050
Range: $139,900 - $304,200
Employment type: Full-Time
Work location type: 3 days / week in-office
Role: Individual Contributor
Description
Overview
The Cloud & AI organization accelerates Microsoft’s mission and ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.
IAM Protect safeguards Microsoft’s most critical cloud workloads by reducing risk in the Trusted Computing Base (TCB). We identify adversary paths, shrink the TCB’s attack surface, improve tenant/service isolation, and ensure high-fidelity telemetry exists to detect and respond at speed.
We’re hiring a Principal Security Operations Engineer - Systems Architect to lead the technical architecture for TCB risk reduction. You will design and drive end-to-end solutions that (1) identify and quantify risk, (2) shrink TCB footprint and collapse unneeded trust edges, (3) raise isolation guarantees across identity, networking, compute, storage, and supply chain, and (4) expand/validate telemetry coverage required for prevention, detection, and response. This role is deeply technical and hands-on: you’ll author reference architectures, hardening patterns, and guardrails; host design reviews with partner teams; and lead cross-company risk burndown campaigns that land durable controls - not just playbooks.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Responsibilities
Own the TCB security architecture: threat model key trust boundaries, define target states, and codify compensating controls.
Lead risk identification & key results frameworks: quantify breach paths, set objective success criteria, and measure risk residuals.
Architect isolation patterns (identities, secrets, network paths, compute/storage seams) and drive enforcement with engineering owners.
Design telemetry baselines and validation loops (coverage, quality, retention) to support operations, and close gaps with productized pipelines.
Run burndown campaigns: prioritize work, produce decision docs, sequence mitigations, and hold the line on SLAs.
Qualifications
Required/minimum qualifications:
Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR equivalent experience.
Other Requirements
Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Preferred Qualifications:
10+ years of experience in security engineering, security operations, or technical program management with a focus on large-scale, cloud or enterprise environments.
Strong experience building automated solutions for vulnerability management, threat detection, and security configuration drift.
Strong understanding of security graph models, adversary techniques, attack path analysis, or breach path quantification, with an attacker mindset to identify weak links in the services/systems before adversaries exploit them.
Hands-on experience with automation of telemetry/logging pipelines to validate security coverage at scale.
Demonstrated expertise in identity, secrets, or infrastructure security, with hands-on experience reducing risk through technical controls, policy enforcement, or automation.
Experience with AI/ML in security contexts, such as anomaly detection, predictive modeling, or triaging security signals using large datasets.
Strong ability to translate complex technical risk into prioritized plans of action and measurable outcomes.
Proven track record of driving cross-team initiatives across engineering, security, and operations organizations.
Experience with data analysis and reporting, using telemetry, logs, or metrics to inform decisions and measure progress. Proficiency in Kusto/KQL and the ability to design and build tooling that scales across environments and teams.
Excellent written and verbal communication skills, including the ability to influence technical and executive audiences.
Security Operations Engineering IC5 - The typical base pay range for this role across the U.S. is USD $139,900 - $274,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000 - $304,200 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.