Want to be working on projects that are at the forefront of innovation and strategy for our company? Microsoft's AI and R (Artificial Intelligence and Research) provides online services that include Bing, Cortana, and many strategic digital work-life scenarios. AI and R also provides key platform components that power Windows 10 search, Cortana personalization, and speech recognition. For the experienced security specialist, this is an amazing opportunity to flex your creative muscles as you leverage your practical operational and security expertise to identify, assess and resolve security issues that affect a multi-billion dollar business that aims to make the web more interactive and relevant. The key responsibilities include penetration testing of sensitive pre-prod and production systems , monitoring and the assessment of security controls in the production environment, leading operational security automation, security process engineering, vulnerability assessments, and design reviews
Independently perform in-depth penetration testing of sensitive production systems to identify risks and propose mitigations. Review mobile applications, IOT devices, web applications, and binaries for vulnerabilities. Keep up with security trends and technologies to help educate engineering teams on the secure management and deployment of applications and services Solicit and champion security and quality improvement ideas through technical presentations Help define deployment best practices and security configuration standards to ensure technologies are deployed in a secure fashion Perform operational
Basic qualifications: 3+ years of security penetration testing experience required 5+ years experiences with one or more general purpose programming languages including but not limited to: Java, C/C++, C#, Python, JavaScript, PowerShell BS degree in Computer science or related engineering field Preferred qualifications: Red-Team security testing experiences Familiarity with common mitigating controls and their implementation Working knowledge of application security assessment and applicable review methodologies Understanding of vulnerabilities in web applications and APIs along with potential