Senior Penetration Tester
Apply NowCompany: Microsoft
Location: Redmond, WA 98052
Description:
We are looking for a Senior Penetration Tester to join our team! Are you looking for a challenge that puts you at the center of the Microsoft Edge + Platform Security Fundamentals (EPSF) strategy? Are you passionate about solving the security challenges of critical online services? Are you passionate about Penetration Testing?
Microsoft's EPSF (Edge + Platform Security Fundamentals) team is responsible for securing some of Microsoft's largest and most influential online services in the Azure Edge & Platform (AEP) organization and Windows Devices organization (W+D). The EPSF Services Pentest (SERPENT) team needs an Offensive Security Engineer to increase our business partners' security posture.
Responsibilities:
EPSF Security has a world-class penetration testing team that helps ensure a secure experience for millions of users worldwide. We primarily focus on offensive security and application security and work closely with our defense teams to continually improve our operational awareness.
Job responsibilities:
Qualifications:
Required/Minimum Qualifications
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until October 21, 2024.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Microsoft's EPSF (Edge + Platform Security Fundamentals) team is responsible for securing some of Microsoft's largest and most influential online services in the Azure Edge & Platform (AEP) organization and Windows Devices organization (W+D). The EPSF Services Pentest (SERPENT) team needs an Offensive Security Engineer to increase our business partners' security posture.
Responsibilities:
EPSF Security has a world-class penetration testing team that helps ensure a secure experience for millions of users worldwide. We primarily focus on offensive security and application security and work closely with our defense teams to continually improve our operational awareness.
Job responsibilities:
- Penetration Testing: Identify security vulnerabilities and their variants in critical services using various techniques such as source code reviews, dynamic analysis, operational security assessments etc. and validate software quality following our development standards.
- Security Automation: Participate in developing static and runtime analysis capabilities to find software security bugs quickly and with high confidence. Push the cutting edge when it comes to automated analysis of managed code and modern web services.
- Research, Training, and Tool Development: Perform research to stay current with bleeding edge of penetration testing, offensive, and defensive tools, and tactics. Leverage the output of this research for training and awareness across EPSF Security and innovation development efforts.
Qualifications:
Required/Minimum Qualifications
- 5+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
- Experience testing web services, identifying and remediating OWASP top 10 security flaws, and understanding large complex systems quickly.
- Solid Networking/Identity Isolation, Active Directory, and Linux skills.
- Solid operational security skills
- Other Requirements:
- Cloud Background check: Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
- 6+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
- OR Master's Degree in Statistics, Mathematics, Computer Science or related field.
- Experience in technical disciplines outside security space, including general software development, networking, defensive security, database management, edge computing and full-stack development, is a plus.
- Demonstrated coding skills in one or more popular languages and platforms such as: C#, C++, Ruby, Python, and others.
- Bachelor of science or master's degree in computer science, software engineering, information security or equivalent work experience.
- CISSP, OSCP/OSCE, GCIA, or SANS certifications is a plus.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until October 21, 2024.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.