New job, posted less than a week ago!
Job Details
Posted date: Jan 28, 2026
There have been 4 jobs posted with the title of Security Operations Engineering all time at Microsoft.There have been 4 Security Operations Engineering jobs posted in the last month.
Category: Security Operations Engineering
Location: WA, Redmond
Estimated salary: $158,000
Range: $100,600 - $215,400
Employment type: Full-Time
Work location type: 0 days / week in-office – remote
Role: Individual Contributor
Description
OverviewThe Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.
The Security Operations Engineer will join the IAM Protect team within the CISO organization, supporting identity and access management (IAM) security operations across Microsoft’s cloud environments. Our organization leads the Tenant Isolation pillar within our Secure Future Initiative. This team within IAM Protect focuses in the productivity tenant space with an amplified focus on integrating AI into our day-to-day workstreams to: reduce manual touchpoints, identify gaps in security risk scopes, relentlessly pursue progress for key SFI initiatives in the tenant isolation space, and ensure our workstreams accrue to impact while striving to strengthen identity protection controls.
A Day In This Role:
As a Security Operations Engineer, you will play a pivotal role in improving security within Microsoft. You will work closely with engineering, program management, and business stakeholders to clarify roles, responsibilities, and escalation paths. With minimal guidance, you will work with internal and external parties to push solutions to the environment to address threats and burn down active risk. You will analyze key metrics, key performance indicators (KPIs) and other data sources to identify trends in security issues and drive results or escalate appropriately. This is a unique opportunity to contribute to the safety and integrity of some of the world’s most critical assets. When your future direct teammates were asked to describe this team in one word, the results were: Synergetic, Rockstars, Connected, Supportive, Formidable, Impactful, and Empowered. 
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
 
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Responsibilities
Implement and enforce identity protection controls
Drive operational execution of IAM security policies (e.g., Conditional Access, MFA, token protection) to reduce lateral movement and credential compromise risks.
Collaborate on Secure Future Initiative (SFI) objectives
Partner with engineering and program teams to deliver SFI milestones such as phish-resistant MFA, token protection, conditional access policies, and legacy domain deprecation in productivity tenants.
Automate and optimize security workflows
In partnership with senior engineers and PMs, identify opportunities for automation and AI-native solutions to reduce manual touchpoints and improve efficiency in tenant governance and isolation processes.
Analyze telemetry and KPIs to drive risk reduction
Use data from S360 dashboards, Geneva logs, and other sources to track compliance, detect drift, and report progress against isolation and identity hardening goals.
Support tenant lifecycle security operations
Execute secure onboarding, baseline enforcement, and drift correction for auxiliary and ephemeral tenants; ensure alignment with IAM Protect governance standards.
Partner across teams for incident response and escalation
Work with internal stakeholders to push fixes into production environments, burn down active risk, and maintain readiness for high-severity incidents impacting tenant isolation.
Embody our culture and values  
Qualifications
Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), OR operations incident response OR Bachelor's Degree in Statistics, Mathematics, Computer Science, OR related field AND 2+ years’ experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR equivalent experience.
Other Requirements:
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
Microsoft Cloud Background Check:
This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Preferred Qualifications: 
Experience with cloud IAM platforms (Azure AD, Entra ID, etc.)
Familiarity with SIEM, SOAR, and security automation tools used in operational security environments
2+ years in security operations, incident response, or IAM engineering  
Analytical, troubleshooting, and communication skills
Ability to work collaboratively in a fast-paced, cross-functional environment
Proficiency in building and optimizing queries using Kusto (KQL) or experience with similar query languages for data analysis and reporting
Experience in large-scale enterprise or cloud environments
Scripting or automation experience (PowerShell, Python, etc.)
#IAMProtect; #MSFTSecurity; #SecuretheFuture #CISO
Security Operations Engineering IC3 - The typical base pay range for this role across the U.S. is USD $100,600 - $199,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $131,400 - $215,400 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
Check out other jobs at Microsoft.