Job Description

Security is foundational to all product and service offerings from Microsoft. Do you want to get your start in Application Security and identify security issues before they impact millions of users? As part of the Web Experiences (WebXT) Security team, you will collaborate with product engineering to innovate software design to defend against a continued and emerging security threat landscape.

It starts with an interest in security, a strong technical background, and an appetite to explore, learn and break things! You will be supported as you learn and grow into the role of an Application Security specialist in partnership with product engineering, pen testers and security personnel. Also, you will be cross trained on security incident response duties.

Start your journey with Bing, Microsoft News, Microsoft eSports, and Microsoft Advertising today!

* Provide security guidance, specify app security controls, evaluate existing security controls, host threat modelling exercises with teams responsible for new services, apps, features, API's, devices, and third-party connections.
* Specify new security controls needed to reduce risks identified from security reviews and threat modelling exercises or from security incidents and specify these new controls as requirements to be added the organization's SDL process.
* Proactively research new technologies, make technology recommendations.
* Drive and cultivate a positive culture of security across the engineering teams. Train product engineering to recognize bad patterns and innovate ways for developers to learn to identify security bad practice.
* Work with our security engineering team and product teams to identify, define and implement security controls and automation

Required Skills

* 2+ years professional experience in security development and engineering, security consulting, or network and/or application penetration testing.
* 1+ years of hands-on and strong experience with the Security Development Lifecycle (SDL), or project managing large scale/high volume deployments. Experience conducting security assessments on mobile apps, cloud services running on variety of operating systems including containers.
* Deep knowledge in common classes of software vulnerabilities such as XSS, CSRF, SQLi, OWASP Top 10, cryptographic attacks and beyond.
* Coding skills in one or more general purpose scripting languages.
* Bachelor's degree in computer science or closely related discipline, or equivalent experience.

Desired Skills

* Experience managing security or privacy compliance related engineering programs.
* Experience managing security infrastructure and operational security.

MicrosoftATL

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.