Senior Security Software Engineer Lead at Microsoft
Senior Security Software Engineer Lead Details
Nov. 13, 2018, 7:18 p.m.
Engineering
½
People Manager
Full-Time
Redmond, WA
application security team Microsoft's COSINE, Devices,
Do you enjoy breaking things technically and providing insight into fixing the issues identified? Do you have a passion for understanding the security ramifications of software systems? What about the opportunity to work at the kind of scale most companies only dream of? If so, this is an opportunity you may be interested in! Microsoft's COSINE, Devices, and Gaming Security group is responsible for some of our largest and most important online services including Universal Store, Xbox LIVE, Microsoft Game Studios, and critical internal and partner-facing workloads. To support such a diverse portfolio, CDG Security has a world class application security team. Our goal is to ensure a secure experience for millions of users all over the world. This team is primarily focused on application security but also works closely with our offensive and defensive security teams to continually improve our security posture and promote awareness.
Focus on attracting and retaining highly skilled talent Lead a team of software security engineers at various stages of their careers to scope, identify, and perform manual and automated security reviews of our most risky services The team uses various techniques such as: fuzzing, source code review, and reverse engineering to find vulnerabilities Drive the team to develop new static and runtime analysis capabilities to more quickly find software security bugs with high confidence Push the cutting edge when it comes to automated analysis of managed code and modern web services Drive the team to
Required qualifications: BS in Computer Science, a related field, or 4+ years relevant work experience 2+ years of experience in two or more of the following: C++, C#, HTML, ASP.NET, Node JS, JavaScript, or other web-relevant modern language 3+ years of experience in one or more of the following in a large enterprise environment: threat and vulnerability management, security assurance, security monitoring, security incident response, cyber-forensics, reverse engineering, operational security, application security, red team pentest, secure design Preferred qualifications: Experience with (and ideally