CrawlJobs Logo
Microsoft Corporation Logo Microsoft Corporation · IT - Software Development

Principal Security Architect - Windows Server

United States, Redmond 139900.00 - 274800.00 USD / Year · Job Posted March 26, 2026
Apply Position
Job Link Share

Job Description

The Windows Server Security Architect (L66) defines and drives security architecture for Windows Server across on-premises, hybrid, and cloud-connected deployments. As a Principal Security Architect - Windows Server, sets the technical direction for threat-resistant platform capabilities, partners across engineering teams to drive implementation, guides secure-by-design engineering practices, and coordinates with incident response and compliance teams. The architect is expected to lead through influence, make high-impact design and security decisions, and translate evolving threats, security requirements, and customer needs into actionable platform architecture.

Job Responsibility

  • Own end-to-end security architecture for core Windows Server components (e.g., boot and firmware trust, kernel and virtualization security, identity and access, networking, storage, management plane), balancing security, reliability, performance, and compatibility
  • Partner with engineering teams to shape designs early (architecture “shift left”), secure appropriate resourcing, identify design risks, and unblock delivery with pragmatic, secure solutions
  • Develop and maintain reference architectures, security design patterns, and guardrails for Windows Server features and services used in on-premises and hybrid environments
  • Lead threat modeling and security reviews for new and existing capabilities
  • drive mitigations for high-severity threats and systemic classes of vulnerabilities
  • Define security requirements and non-functional constraints (e.g., secure defaults, hardening baselines, cryptographic standards, key management, auditability, logging, and telemetry) and ensure they are translated into engineering deliverables
  • Act as a technical leader during security incidents: assess impact, guide containment and remediation, and drive post-incident architectural improvements
  • Collaborate with product management, customer support, and field teams to understand real-world attack patterns and operational constraints
  • incorporate learnings into architecture
  • Represent Windows Server security architecture in cross-team reviews and executive/partner communications
  • articulate tradeoffs and recommendations clearly and persuasively

Requirements

  • Bachelor's Degree in Computer Science or related technical field AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter

Nice to have

  • Demonstrated experience designing secure architectures and leading threat modeling, security reviews, and mitigation planning for complex, distributed systems
  • Ability to influence without authority across engineering teams, establish technical direction, and drive alignment through clear written and verbal communication
  • Expertise in security controls such as secure boot/TPM, virtualization-based security, identity and credential protection, code integrity, exploit mitigations, cryptography, and secure configuration
  • Experience partnering across disciplines (engineering, PM, incident response, privacy/compliance) to deliver measurable risk reduction
  • Experience with Windows Server security features and management (e.g., Active Directory/Entra integration patterns, Group Policy, Windows Defender, WDAC/App Control, Credential Guard, BitLocker, Secure Core)
  • Solid understanding of modern attacker techniques (credential theft, lateral movement, persistence, privilege escalation, supply chain and build attacks) and corresponding defensive strategies
  • Deep knowledge of Windows OS fundamentals (kernel concepts, security boundaries, process and memory isolation, drivers, authentication and authorization, networking stack) and how enterprise environments deploy and manage Windows Server
  • Background in vulnerability research, exploit development/mitigation, reverse engineering, or advanced debugging of OS and low-level components
  • Experience securing supply chain and build/release systems, including code signing, artifact integrity, and secure servicing practices
  • Knowledge of compliance and assurance needs for enterprise and regulated industries (e.g., audit logging, FedRAMP/ISO/SOC expectations) and how to architect for evidence and controls
  • Familiarity with cloud and hybrid security architectures (e.g., Azure, Arc-enabled servers, managed identities, zero trust patterns)
  • Contributions to security standards, open-source security projects, or published security research
Microsoft Corporation - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Principal Security Architect - Windows Server

8 matching positions

Principal Firmware Architect - Hyperscale & AI Rack-Based Compute Systems

The Principal Firmware Architect will be responsible for architecting server and...
Location
Location
United States , Georgetown
Salary
Salary:
Not provided
sanmina.com Logo
Sanmina
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency in one or more of the following: AMI BMC FW, OpenBMC FW, HP iLO, Dell iDRAC, UEFI FW (BIOS)
  • Experience with DMTF standards such as MCTP, NC‑SI, PLDM, OVF, Redfish, SPDM
  • Knowledge of security protocols, Root of Trust, and secure design principles
  • Experience with operating systems and driver design/usage
  • Strong background in Intel/AMD/ARM/GPU platform architectures
  • Strong understanding of Baseboard Management Controller (BMC) functionality, telemetry, and controls
  • Working knowledge of server operating systems including Windows Server (2016, 2019, 2022) and Linux (CentOS, Ubuntu, Fedora, SUSE)
  • Knowledge of virtualization technologies (VMware, Citrix, Microsoft)
  • Understanding of software driver implementation, IP schemas, and network protocols
  • Demonstrated ability to learn and apply new technologies
Job Responsibility
Job Responsibility
  • Develop long‑term hyperscale server firmware and security technology strategies based on customer needs
  • Develop, test, debug, and optimize firmware for ZT hyperscale compute/storage products and proof of concepts
  • Drive adoption of firmware development strategies internally and externally
  • Collaborate directly with customers on new firmware architectures for compute servers, storage servers, and add‑on cards
  • Solve performance and operational challenges to deliver business value through ZT firmware
  • Contribute firmware and security content to System Architecture Specifications for ZT server products
  • Build long‑term technical relationships within the firmware technology ecosystem to influence next‑generation server design
  • Align with customers and partners on security requirements and guide ZT engineering teams accordingly
  • Participate in in‑depth security reviews and drive compliance with industry standards
  • Engage in industry forums, workgroups, and consortiums related to firmware and security initiatives
What we offer
What we offer
  • Competitive base salary
  • Performance-based annual bonus eligibility
  • 401(k) retirement savings plan
  • Tuition reimbursement for eligible education programs
  • Comprehensive medical, dental, and vision coverage with access to leading providers
  • Mental health resources and employee wellness support programs
  • Company-paid life and disability insurance
  • Paid time off (PTO) and company-paid holidays
  • Parental leave and family care support programs
  • Structured training programs and on-the-job learning opportunities
Read More
Arrow Right

Principal DevOps Engineer

Riverstone Enterprise Solutions, an Envision Innovative Solutions Company, deliv...
Location
Location
United States , Annapolis Junction
Salary
Salary:
200000.00 - 220000.00 USD / Year
rivsol.com Logo
Riverstone Enterprise Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or higher is required in either Engineering (i.e. Computer, Electrical, Mechanical, Aerospace, etc.) or Computer Science with a minimum of ten (10) years of related experience. Five (5) years of additional DevOps experience may be substituted for a bachelor's degree
  • Must be fluent with Git
  • Strong knowledge of Linux and Linux environments (RHEL 617/8, RHCSNRHCE CentOS)
  • Experience with Windows system administration, system monitoring, instrumentation, resiliency and performance
  • Experience integrating Jenkins/Bamboo Docker, and Kubernetes for automated deployment preferred
  • Experience with caching technologies (Memcache, Active MQ, Redis, APC, etc.)
  • Experience with MySQL (Clusters, Replication, and Tuning) and Elasticsearch (Kibana a plus)
  • Knowledge of security practices, networking protocols, firewalls, PCI compliance etc.
  • Experience managing/monitoring AWS cloud and virtualized servers for optimal performance while working in a Platform as a Service (PaaS) environment
  • Familiarity with software development life cycle models, agile, and DevOps programming methodologies
Job Responsibility
Job Responsibility
  • Support the development life cycle of platform architectural design, deployment and debugging
  • Develop & maintain sound version control best practices-based CM systems (GIT), including branching and merging strategies
  • Serve as a technical lead for an Agile team and actively participate in all Agile ceremonies
  • Participate in all team ceremonies including planning, grooming, product demonstration and team retrospectives
  • Ability to automate release deployments across development, test, staging, Quality Assurance and production stacks using a combination of scripting languages and other automation toolkits
  • Set-up up new sites and applications via configuration management such as Puppet and Ansible
  • Maintain / upgrade/ patch tracking and documentation software (Confluence / Jira)
  • Create, Assist, and Implement design and maintenance web service infrastructure and deployment
  • Leverage programming Languages such as Python, Ruby, Perl, and Java
  • Proficient with DevOps or Site Reliability Engineering methodologies
  • Fulltime
Read More
Arrow Right

DevOps Engineer (Data Center)

We are looking for a Cloud Infrastructure Engineer to help shape and deliver a m...
Location
Location
Salary
Salary:
Not provided
coherentsolutions.com Logo
Coherent Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in cloud infrastructure engineering, with deep hands-on expertise in Microsoft Azure and production experience with at least two major cloud providers, such as Azure, AWS, or GCP
  • Strong experience with cloud networking, IAM, compute, IaaS/PaaS services, and Microsoft Entra ID / Azure AD, including conditional access, workload identity federation, SAML/SCIM, and service principal governance
  • Proven expertise in IaC using Terraform and/or Bicep, including governed landing zones, module registries, and cloud infrastructure migration
  • Hands-on experience designing and operating CI/CD pipelines using Azure DevOps, GitHub Actions, or similar tools, including pipeline-as-code, security scanning, and deployment gates
  • Solid understanding of zero-trust architecture, IT/OT boundary security, and industrial control environments such as SCADA, HMI, and ICS
  • Experience designing and validating disaster recovery architectures across regions and cloud providers, including RTO/RPO definition and automated failover testing
  • Familiarity with FinOps practices and tools, including cost tagging, spend attribution, showback/chargeback models, CloudHealth, CloudCor, or native cloud cost tools
  • Experience with policy-as-code frameworks such as Azure Policy, AWS SCPs, GCP Organization Policies, or Open Policy Agent
  • English level: B2 or higher
Job Responsibility
Job Responsibility
  • Lead the assessment and modernization of enterprise cloud workloads, defining migration roadmaps across retain, re-platform, refactor, and retire scenarios
  • Design governed multi-cloud landing zones across Azure, AWS, and/or GCP, standardizing networking, identity, policy, and account/subscription topology through Terraform and Bicep
  • Establish cloud-agnostic infrastructure practices, reusable IaC modules, and automated provisioning standards to reduce manual operations and subscription sprawl
  • Govern identity and access across cloud platforms, SaaS applications, and CI/CD workloads using Microsoft Entra ID, conditional access, workload identity federation, and service principal controls
  • Architect secure hybrid and cross-cloud connectivity, including ExpressRoute, SD-WAN, traffic segmentation, and low-latency data transfer patterns
  • Implement zero-trust security controls for IT/OT boundaries, including inspected and policy-enforced traffic flows for SCADA, HMI, ICS, and enterprise systems
  • Design resilient, highly available cloud architectures with defined RTO/RPO targets and automated disaster recovery validation
  • Build platform services, CI/CD templates, and self-service infrastructure capabilities that enable internal teams to consume cloud services through documented standards and APIs
  • Implement governance, policy-as-code, and FinOps practices to enforce security, compliance, cost tagging, spend attribution, and cloud cost optimization
  • Support strategic modernization initiatives, including Kubernetes adoption, application containerization, database optimization, and reduction of Windows server licensing costs
What we offer
What we offer
  • Technical and non-technical training for professional and personal growth
  • Internal conferences and meetups to learn from industry experts
  • Support and mentorship from an experienced employee to help you professional grow and development
  • Health insurance
  • English courses
  • Sports activities to promote a healthy lifestyle
  • Flexible work options, including remote and hybrid opportunities
  • Referral program for bringing in new talent
  • Work anniversary program and additional vacation days
Read More
Arrow Right

Principal Product Support Engineer Level 4

HPE is seeking a Principal Product Support Engineer (Level 4) to serve as the pr...
Location
Location
United States , Oklahoma City;Dallas;Houston;Montgomery
Salary
Salary:
152000.00 - 349000.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • U.S. Citizenship (required without exception)
  • Active Secret clearance, or demonstrated ability to obtain one (U.S. citizen with clean background)
  • Bachelor’s degree in Computer Science, Information Technology, Engineering, or equivalent hands-on experience
  • 10+ years of hands-on experience in infrastructure engineering, systems administration, or technical support — with demonstrated depth in at least three of the following domains: VMware (ESXi, vCenter, vSAN, NSX) and/or KVM/libvirt — both are relevant
  • KVM experience is highly desired
  • Kubernetes and containerized workloads (hands-on cluster operations, not solely architectural review)
  • Linux systems administration and live troubleshooting (Red Hat, Ubuntu, or similar)
  • Enterprise networking (routing, switching, VLANs, overlay networks, load balancing, firewalls)
  • Windows Server in hybrid/AD environments
  • Hybrid or on-premises cloud infrastructure
Job Responsibility
Job Responsibility
  • Receiving escalations from on-site Level 1–3 teams, triaging root cause hands-on, and owning the technical path to resolution across the full infrastructure stack
  • Engaging directly with HPE engineers: writing structured defect reports with reproduction steps, attending engineering triage calls, and validating patches in customer environments before broader rollout
  • Translating field-observed symptoms into actionable technical requirements for product and engineering teams
  • Training and enabling a managed services team field engineers who are new to the PCE platform
  • Monitoring customer environments
  • triaging alerts and contributing to dashboard and observability improvements
  • Conducting on-site work at customer locations
  • Hardening environments to DISA STIG requirements and supporting audit readiness activities
  • Producing customer-facing incident summaries and internal knowledge base articles after each major resolution
  • Act as the primary conduit between on-site support teams and HPE BU engineering
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Principal DevOps Engineer

Riverstone Enterprise Solutions, a PD Systems company, delivers mission-focused ...
Location
Location
United States , Annapolis Junction
Salary
Salary:
Not provided
rivsol.com Logo
Riverstone Enterprise Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or higher is required in either Engineering (i. e. Computer, Electrical, Mechanical, Aerospace, etc.) or Computer Science with a minimum of ten (10) years of related experience
  • Must be fluent with Git
  • Strong knowledge of Linux and Linux environments (RHEL 617/8, RHCSNRHCE CentOS)
  • Experience with Windows system administration, system monitoring, instrumentation, resiliency and performance
  • Experience integrating Jenkins/Bamboo Docker, and Kubernetes for automated deployment preferred
  • Experience with caching technologies (Memcache, Active MQ, Redis, APC, etc.)
  • Experience with MySQL (Clusters, Replication, and Tuning) and Elasticsearch (Kibana a plus)
  • Knowledge of security practices, networking protocols, firewalls, PCI compliance etc.
  • Experience managing/monitoring AWS cloud and virtualized servers for optimal performance while working in a Platform as a Service (PaaS) environment
  • Familiarity with software development life cycle models, agile, and DevOps programming methodologies
Job Responsibility
Job Responsibility
  • Support the development life cycle of platform architectural design, deployment and debugging
  • Develop & maintain sound version control best practices-based CM systems (GIT), including branching and merging strategies
  • Serve as a technical lead for an Agile team and actively participate in all Agile ceremonies
  • Ability to automate release deployments across development, test, staging, Quality Assurance and production stacks using a combination of scripting languages and other automation toolkits
  • Set-up new sites and applications via configuration management such as Puppet and Ansible
  • Maintain / upgrade/ patch tracking and documentation software (Confluence / Jira)
  • Create, Assist, and Implement design and maintenance web service infrastructure and deployments
  • Analyze service stack and make recommendations for further improvements
  • Identify processes and capabilities that can be streamlined and automated
  • Communicate effectively to help bridge stakeholders and development requirements
  • Fulltime
Read More
Arrow Right

Resident Assistant

If you’re looking for a job that goes beyond the basics to deliver purpose and j...
Location
Location
United States of America , Hillsboro
Salary
Salary:
18.00 - 20.00 USD / Hour
leisurecare.com Logo
Leisure Care
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated experience in a caregiving role
  • Current CNA a plus!
Job Responsibility
Job Responsibility
  • Assists resident with activities of daily living (ADL's) and all personal care skills (bathing, dressing, grooming, toileting)
  • Makes appropriate observations about the resident’s condition in every interaction
  • Records and follows-up with changes in resident’s condition in a timely manner
  • Assists residents with laundry and housekeeping services as needed
What we offer
What we offer
  • Medical, Dental and Vision
  • Early Wage Access (access to earned wages when needed!)
  • 401k
  • 10 days vacation & 1 hour Sick Leave earned for every 30 hours worked
  • Bereavement & Jury Duty Leave
  • 6 Holidays
  • 2 Float Holidays
  • Flexible Spending Accounts (Health and Dependent Care)
  • Meal Discounts
  • Tuition Assistance
  • Fulltime
Read More
Arrow Right

Traffic Management CAD Technician

FM Conway is currently recruiting a Traffic Management CAD Technician to join ou...
Location
Location
United Kingdom , Ipswich
Salary
Salary:
Not provided
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
July 04, 2026
Flip Icon
Requirements
Requirements
  • Strong knowledge of Traffic Management operations
  • experience using CAD, BricsCAD and Cone 11 software
  • ability to read and translate blueprints and technical drawings
  • ability to work well under pressure, prioritise tasks effectively and have excellent attention to detail
  • M7 Lantra qualification is highly desirable, but not essential
Job Responsibility
Job Responsibility
  • Working within a team of Traffic Management development designers and Project Engineers to ensure that drawings are to a high and legal standard
  • Producing clear drawings, signage placement layouts and diversion route strategies
  • Developing safe and efficient traffic management plans for work sites and road network
  • Carrying out on site assessments as required
  • Designing sites in accordance with Chapter 8 TSM
  • Engaging with Project Teams & Engineers to respond effectively to working methods that require traffic Management designs that conform to a legal standard
What we offer
What we offer
  • Career and professional development
  • 23 days holiday plus bank holidays
  • Life assurance
  • Opportunities for internal and external training
  • Access to a wide range of shopping discounts through Rewarding Great People platform
  • Health and well-being benefits including 24-hour advice lines
  • Support from in-house mental health first aiders
  • Fulltime
Read More
Arrow Right

Registered Nurse, CVOR

Baptist Downtown is hiring a Registered Nurse for our Cardiovascular Operating R...
Location
Location
United States , Jacksonville
Salary
Salary:
Not provided
baptistjax.com Logo
Baptist Health (Florida)
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 1-2 years Operating Room Nursing Experience Required
  • Basic Life Support (BLS) Required
  • Advanced Cardiac Life Support (ACLS) Required
  • Licensed Registered Nurse Required
  • Associate of Science, Nursing
  • Registered Nurse (RN) - State Nursing Boards
  • Driver's License - DMV
  • Basic Life Support (BLS) - AHA
  • Advanced Cardiac Life Support (ACLS) - AHA
Job Responsibility
Job Responsibility
  • Providing for patient needs as recognized through use of the nursing process
  • Supervision of care provided by supportive personnel and coordination of care provided by ancillary services
  • Including patients and significant others (SO)/families in developing an individualized plan of care
  • Education of patients/SO/families to their disease process and plan of care
  • Coordinating and preparing assigned operating room/case
  • Assessment of patient care needs and the anticipation of needs of the case
  • Circulating, scrubbing, assisting on Cardiothoracic and vascular procedures
  • Fulltime
Read More
Arrow Right