Senior Cloud Security Research Manager - Edge & Platform, Devices, & Gaming - Microsoft

Microsoft Edge & Platform (E + P) org is responsible for securing some of Microsoft’s largest and most critical online services including Azure, Windows Update, Windows Engineering Systems, Product Release and Signing Services, Xbox Live, Microsoft Game Studios, and many more.

This organization develops Tactics, Techniques and Protocols to exploit novel attack surfaces and provides tooling that our red and blue teams can use to enhance operations and tune our defences in an ever-shifting threat landscape. Our team also looks at the wider picture at Microsoft to research highly likely avenues of attack and surface our discoveries before they are actively exploited in the wild. 

Microsoft and the Azure Edge + Platform team are looking for a creative cloud security research leader to manage a small expert team of cloud security researchers, as well as doing hands on research themselves. If you are passionate about people, security and ensuring cloud services are one step ahead of attackers, we have the perfect job for you.

Being part of Edge + Platform, you will manage a small team of security researchers tasked with helping Microsoft cloud engineers ship the most secure cloud services possible.

The ideal candidate will be a technical subject matter expert in cloud security research, and with leadership qualities to lead additional researchers in hands on research.

Candidates should have hands-on experience with cloud services, a clear understanding of security fundamentals, solid computer science skills, and a passion for keeping Microsoft customers safe.

You will: 

• Lead the work of a security focused engineering research team across multiple concurrent projects
• Perform strategic and independent security research and discover new offensive techniques
• Communicate research findings to partner teams and organizations to realize wider security impacts
• Contribute to improving the security posture of cloud services
• Evaluate tools, techniques, and procedures for feasibility and impact
• Develop and refine offensive security knowledgebases, guides, and training
• Contribute to tooling and automation for Offensive Security, including discovery, automated analysis, exploitation, post-exploitation, and persistence tooling

Pleae note! This position includes managing a small team and requires hands-on reaserch work. 

Required Qualifications: 

• 5+ years of identifying vulnerabilities in cloud services / networking / DBs
• 8-12 years of experience in SW engineering, including building detective/preventive Security controls
• Strong understanding of common attacks, and a history of successfully applying defensive tactics to large scale Cloud hosted services
• Outstanding team player with strong cross-group collaboration skills and communication skills

Preferred Qualifications: 

• Experience leading a team of security researchers
• Public track record of relevant security research, especially around vulnerability discovery
• Relevant certifications from SANS, Offensive Security, CISSP, GIAC or a similar industry-recognized body
• Experience exploiting bugs and bypassing cloud security mitigations
• Experience with data analysis tools and/or AI/ML

#OSSecurity

#EDGIL

#MORSEIL

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.