Senior Penetration Testing Specialist- Offensive Security

Join to apply for the Senior Penetration Testing Specialist- Offensive Security role at Microsoft
2 weeks ago Be among the first 25 applicants
Join to apply for the Senior Penetration Testing Specialist- Offensive Security role at Microsoft
Team Description
We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
Team Description
We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Security Engineering team within M365 Core helps to identify threats and gaps in the infrastructure that hosts the planet's largest, most influential organizations. We are looking for individuals who are forging the pentest discipline in new and modern ways in the era of AI. The role will encompass a blend of research and testing which we will guide our collective engineering organizations to secure their products in the most uniform and durable solutions possible. This role as a Senior Penetration Testing Specialist will provide the opportunity to work on services which are global scale and provide unique experiences which are hard to replicate or find outside of a major SAAS provider.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Responsibilities
As a Senior Penetration Tester, you will conduct offensive security assessments that simulate real-world attacks on M365 products, services, and infrastructure. You will identify vulnerabilities across application, network, and operational domains and collaborate with engineering and security teams to support remediation efforts. This role plays a key part in strengthening the security posture of Microsoft's security suite through hands-on testing and cross-team collaboration.
You will decompose work for concurrency/ collaboration. You'll devise more systematic solutions, and spot previously unidentified patterns.
You will solve issues systematically and with transparency to customers in technical implementation of solutions related to specific kinds of security issues. You'll begin to develop substantial skills in other kinds of security issues outside areas of expertise.
You'll design with long term sustainability and broad applicability in mind, leverage existing solutions, and contribute substantial changes to their improvement. You'll identify and differentiate between solutions to come up with best case solution and start to define policies.
You'll help make connections and assist in developing agreements between groups to clarify priorities and identify dependencies.
You'll provide coordination across groups, articulate key security issues to teams and upper management, and autonomously drive collaboration across groups.
Qualifications
Required Qualifications:
5+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
Other Requirements
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:
Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/