Security Software Engineer II

Full Time
Redmond, WA
Industry: Computer Software
Areas of Interest: Software Assurance and Security Engineering
report a problem

Be What's Next
Transform your career with Microsoft Services

Do you enjoy breaking things technically but are also capable of providing insight into fixing the issues identified? Is your passion understanding the security ramifications of software systems? What about the opportunity to work at the kind of scale most companies only dream of? Then this is an opportunity you may be interested in. Microsoft’s Windows and Devices Group (WDG) is responsible for some of Microsoft’s largest and most important online services including the Universal Store, Xbox LIVE, Microsoft Game Studios, and more.


To support such a diverse portfolio, WDG has a world class application security team. Our goal is to ensure a secure experience for millions of users all over the world. This team is primarily focused on application security but also work closely with our offensive and defensive security teams to continually improve our security posture and promote awareness.


The main responsibilities of this role include:  

  • Scope, plan and perform manual component reviews of our most risky services.
  • The team uses various techniques such as: fuzzing, source code review and reverse engineering to find vulnerabilities in these critical components of WDG services or the services they rely on.    
  • Help identify and develop new static and runtime analysis capabilities and checks so that software security bugs in code can be found quickly and with high confidence. Push the cutting edge when it comes to automated analysis of managed code and modern web services.  
  • Perform Research, Training, and Tool Development to support the function.  


Basic Qualifications:

  • 3+ years of software development experience.  

Successful candidates will have:  

  • BS or MS in Computer Science, a related field, or equivalent experience  
  • Strong coding skills including C#, HTML, ASP.NET, Node JS, JavaScript, etc.  
  • Experience testing web services, identifying and remediating OWASP top 10 security flaws, and understanding large complex systems quickly    
  • Experience of penetration testing and/or static code analysis  
  • Strong background in customizing static, dynamic and runtime analysis tools  
  • Solid verbal and written communication skills  
  • Solid teamwork and cross group collaboration skills  
  • Ability to deal with ambiguity  
  • Previous management experience a plus but not required for the right candidate  





Microsoft is an equal opportunity employer.   All qualified applicants will receive consideration for employment without regard to race, color, gender, sexual orientation, gender identity or expression, religion, national origin, marital status, age, disability, veteran status, genetic information, or any other protected status.

Share this job:


Be What's Next Transform your career with Microsoft Services
Come as you are. Do what you love. At Microsoft we help people and businesses throughout the world realize their full potential. We make this simple mission come to life every day through our passion to create technologies and develop products that touch just about every kind of customer. Working at Microsoft gives you the opportunity to do things that make a real difference in millions, even billions, of lives. To reach your full potential. So why not take a closer look at Microsoft? We think you’ll find that amazing things really do happen here.
Visit Microsoft's Social Media pages:
Company Industry: Computer Software
Company Type: Public Company
Company Size: 10,001+