FULL_TIME
5-10
Software Engineering IC3
11/27/2025
The role involves identifying security vulnerabilities in critical services through penetration testing and validating software quality. Additionally, it includes developing security automation capabilities and conducting research for tool development.
Working Hours
40 hours/week
Company Size
10,001+ employees
Language
English
Visa Sponsorship
No
About The Company
Every company has a mission. What's ours? To empower every person and every organization to achieve more. We believe technology can and should be a force for good and that meaningful innovation contributes to a brighter world in the future and today. Our culture doesn’t just encourage curiosity; it embraces it. Each day we make progress together by showing up as our authentic selves. We show up with a learn-it-all mentality. We show up cheering on others, knowing their success doesn't diminish our own. We show up every day open to learning our own biases, changing our behavior, and inviting in differences. Because impact matters.
Microsoft operates in 190 countries and is made up of approximately 228,000 passionate employees worldwide.
About the Role
EPSF Security has a world-class penetration testing team that helps ensure a secure experience for millions of users worldwide. We primarily focus on offensive security and application security and work closely with our defense teams to continually improve our operational awareness. Penetration Testing: Identify security vulnerabilities and their variants in critical services using various techniques such as source code reviews, dynamic analysis, operational security assessments etc. and validate software quality following our development standards. Security Automation: Participate in developing static and runtime analysis capabilities to find software security bugs quickly and with high confidence. Push the cutting edge when it comes to automated analysis of managed code and modern web services. Research, Training, and Tool Development: Perform research to stay current with bleeding edge of penetration testing, offensive, and defensive tools, and tactics. Leverage the output of this research for training and awareness acrss EPSF Security and innovation development efforts. Experience customizing and writing rules for SAST tools, such as CodeQL or Semgrep, Expert-level proficiency with Burp Suite, including advanced features, automation, custom extensions, and fuzzing techniques Experience with Azure cloud platforms, including cloud infrastructure security and misconfiguration management BS or MS in Computer Science, a related field, or equivalent experience 4+ years of experience in identifying security vulnerabilities in online services through penetration testing Strong background in customizing static, dynamic, and runtime analysis tools. Ability to deal with ambiguity. Experience in technical disciplines outside security space, including general software development, networking, database management, and full-stack development, is a strong plus. Demonstrated coding skills in one or more popular languages and platforms such as: C#, Java, Python, and others. Bachelor of science or master's degree in computer science, software engineering, information security or equivalent work experience. CISSP, OSCP, OSWE,GCIA, or SANS certifications is a plus.
Key Skills
Penetration TestingOffensive SecurityApplication SecuritySecurity AutomationStatic AnalysisDynamic AnalysisBurp SuiteAzure CloudC#JavaPythonSAST ToolsNetworkingDatabase ManagementFull-Stack DevelopmentCISSPOSCP
Categories
TechnologySoftwareSecurity & Safety
Apply Now
Please let Microsoft know you found this job on PrepPal. This helps us grow!
Get Ready for the Interview!
Do you know that we have special program that includes "Interview questions that asked by Microsoft?"
Elevate your application
Generate a resume, cover letter, or prepare with our AI mock interviewer tailored to this job's requirements.