CrawlJobs Logo
Microsoft Corporation Logo Microsoft Corporation · IT - Software Development

Principal Security Engineer

United States, Redmond Employment contract 142800.00 - 274800.00 USD / Year · Job Posted June 04, 2026
Apply Position
Job Link Share

Job Description

The Cloud & AI organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world. The IAMProtect team protects Microsoft's most critical cloud services by reducing systemic security risk in the layers that matter most - identity, tenant governance, and core infrastructure trust boundaries. The Trusted Computing Base (TCB) represents the highest-impact set of services and trust seams where small gaps can create disproportionate blast radius. The Principal Security Engineer role is for a hands-on systems architect who can turn ambiguous risk into enforceable controls, drive adoption across engineering organizations, and make security provable in production through clear validation and telemetry.

Job Responsibility

  • Identify high-leverage security risks and trust seams affecting critical services, and translate them into clear, prioritized mitigation plans
  • Design enforceable security architectures and isolation patterns across identity, tenant/security boundaries, and adjacent infrastructure layers
  • Define security policies and guardrails that can be deployed safely at scale (phased rollout, validation gates, rollback strategy)
  • Partner with engineering teams across organizations to land durable controls in production, reducing reliance on exceptions and manual processes
  • Establish proof mechanisms (telemetry/validation) to measure coverage, detect drift, and verify controls are continuously effective
  • Produce crisp technical artifacts (reference architectures, decision docs, implementation guidance) that unblock execution and scale adoption

Requirements

  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR equivalent experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role
  • Microsoft Cloud Background Check

Nice to have

  • 8+ years in security architecture and/or systems engineering for large-scale cloud or distributed systems
  • Strong technical depth in identity and access management (authN/authZ, RBAC/ABAC concepts, least privilege, credential/secrets lifecycle)
  • Demonstrated experience designing security controls that are enforceable and driving them into production with partner teams
  • Strong written and verbal communication skills, including ability to influence senior technical stakeholders and drive decisions
  • Depth in one or more infrastructure verticals (e.g., networking, compute, storage, engineering systems, supply chain/security of build and release)
  • Experience building or operating policy/guardrail platforms
  • Experience in incident-driven security improvements
  • Familiarity with compliance-constrained or regulated cloud environments
Microsoft Corporation - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Principal Security Engineer

8 matching positions

Principal Security Engineer

As a Principal Security Engineer, you will help shape how security is built into...
Location
Location
United States
Salary
Salary:
160200.00 - 269400.00 USD / Year
Zillow
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of security engineering experience, including strong experience in application security and ownership of complex security outcomes
  • experience driving or owning AI security initiatives and assessing or mitigating risks in AI- or LLM-enabled systems
  • experience leading advanced security assessments across modern applications, cloud infrastructure, and AI-enabled systems
  • strong understanding of common vulnerability classes, secure software development practices, and threat modeling
  • hands-on experience securing cloud-native environments, especially AWS, and designing secure system or cloud architectures
  • can read, write, and review code in at least one modern programming language
  • communicates security risks clearly to both technical and non-technical partners and can influence decisions without formal authority
  • experience mentoring engineers and helping raise the technical bar across a team or organization
Job Responsibility
Job Responsibility
  • Lead security assessments for high-impact applications and services, including threat modeling, secure design reviews, and penetration testing
  • Identify, validate, and prioritize complex vulnerabilities across web applications, APIs, and cloud-native services, and partner with engineers to drive secure-by-default outcomes
  • Strengthen the security of primarily AWS-based environments, with additional exposure to GCP and Azure, across areas such as identity, networking, data protection, and service integrations
  • Drive AI security initiatives by establishing guardrails, review practices, and secure design patterns for AI-enabled features and systems
  • Assess AI-specific risks, including data exposure, misuse, model abuse, prompt-based attacks, and unintended system behavior
  • Develop and promote scalable application and AI security standards, best practices, and guardrails across teams
  • Improve application and AI security tooling through configuration, integration, and ongoing optimization in partnership with engineering and platform teams
  • Mentor and influence engineers across teams, raising the technical bar and helping embed security into the way Zillow builds and ships software
What we offer
What we offer
  • equity awards
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

As the Principal Security Engineer, you will play a pivotal role in shaping the ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
redcloudtechnology.com Logo
RedCloud
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong background in both enterprise security and product security, with experience in multinational organizations
  • Hands-on experience with security frameworks such as ISO27001, SOC2, and SOX
  • Advanced knowledge of security architecture and design principles
  • Expertise in threat intelligence and Incident response
  • Strong leadership and project management skills
  • Excellent communication and interpersonal abilities
  • Strategic thinking and ability to influence organizational change
  • Practical experience in securing cloud environments, enterprise IT systems, and security products
  • Knowledge of secure coding practices and familiarity with modern software development methodologies
  • Ability to design and implement security policies, processes, and controls that align with business needs
Job Responsibility
Job Responsibility
  • Lead and mentor the security and compliance team
  • Develop and maintain a comprehensive security strategy covering both enterprise systems and product development
  • Partner with product teams to integrate secure development practices into the software engineering lifecycle
  • Work closely with IT and security teams to ensure compliance with ISO27001, SOC2, and SOX standards
  • Collaborate across the organization to identify and mitigate security risks
  • Stay informed about latest security trends and technologies
  • Conduct regular security assessments and audits
  • Promote awareness of security best practices through training and advocacy
  • Develop and lead the organization's Security strategy
  • Oversee security architecture and design for complex systems
What we offer
What we offer
  • 25 Days Annual leave, increasing to 26 days after 12 months
  • Enhanced Company Pension (Matched up to 5% & Salary Sacrifice)
  • Healthcare Cashplan with Medicash
  • Private Healthcare with Aviva
  • Life Insurance with AIG
  • Happl benefit platform with pre-negotiated discounts on entertainment, food, and fitness
  • Stock/Equity
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

As the Principal Security Engineer, you will play a pivotal role in shaping the ...
Location
Location
Turkey , Istanbul
Salary
Salary:
Not provided
redcloudtechnology.com Logo
RedCloud
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A strong background in both enterprise security and product security
  • experience in multinational organizations
  • hands-on experience with security frameworks such as ISO27001, SOC2, and SOX
  • advanced knowledge of security architecture and design principles
  • expertise in threat intelligence and incident response
  • strong leadership and project management skills
  • excellent communication and interpersonal abilities
  • strategic thinking and the ability to influence organizational change
  • practical experience in securing cloud environments, enterprise IT systems, and security products
  • knowledge of secure coding practices and familiarity with modern software development methodologies
Job Responsibility
Job Responsibility
  • Lead and mentor the security and compliance team
  • develop and maintain a comprehensive security strategy covering both enterprise systems and product development
  • partner with product teams to integrate secure development practices into the software engineering lifecycle
  • work closely with IT and security teams to ensure compliance with ISO27001, SOC2, and SOX standards
  • collaborate across the organization to identify and mitigate security risks while enabling business growth
  • stay informed about the latest security trends and technologies
  • conduct regular security assessments and audits
  • promote awareness of security best practices across the company through training and advocacy
  • develop and lead the organization’s security strategy
  • oversee security architecture and design for complex systems
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

The Microsoft Windows Security team is looking for a learn-it-all security engin...
Location
Location
United States , Redmond
Salary
Salary:
163000.00 - 296400.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in security or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 8+ years experience in security or related field OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
Job Responsibility
Job Responsibility
  • Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
  • Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
  • Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
  • Leverage a broad and current understanding of security to devise new protections
  • Interact with the external security community and security researchers
  • Collaborate with product teams to improve security, and articulate the business value of security investments
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

The Principal Security Engineer, under the direction of the Director of Security...
Location
Location
United States , Palo Alto
Salary
Salary:
147050.00 - 220800.00 USD / Year
wsgr.com Logo
Wilson, Sonsini, Goodrich & Rosati
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree required
  • 5+ of experience in Information Security
  • One or more of the following certifications preferred: GIAC, CISSP, CISM, CEH, CIPP
  • Focus on knowledge of direct support for Security Information and Event Management (SIEM) systems (e.g. configuration of feeds, developing alarm/report concepts), Red Teaming concepts and execution, and Linux skills including command line and operational/administrative usage
  • Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls
  • Experience with windows desktop, server, and database security
  • Ability to identify security technology risks and perform incident response
  • Extensive knowledge of TCP/IP networking including wireless, network monitoring/design and routing
  • Extensive understanding of the cyber kill-chain
  • Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments
Job Responsibility
Job Responsibility
  • Provide subject matter expertise in information security as it relates to networks and systems
  • Manage the Firm’s security technology including but not limited to: anti-virus, vulnerability scanning, intrusion detection, content filtering, and insider threat systems
  • Review security events from all monitoring environments not integrated with the firm SIEM, and those events escalated by the SOC, on a daily basis, and follow defined incident response processes in their analysis and reporting
  • Monitor appropriate venues for threats to the security of the Wilson Sonsini Goodrich & Rosati environment. Provide notification to all impacted parties related to the actions needed to mitigate threats and manage the threat lifecycle in totality
  • Manage and lead evaluations of the firm’s environment by external 3rd parties. Produce recommendations that integrate any findings with the business needs of the firm
  • Maintain knowledge of the information security needs of firm clients and implement measures to satisfy those requirements in the most efficient manner
  • Keep abreast of emerging security technologies and discipline developments. Make appropriate recommendations that meet the firms needs
  • Design and build operational environments that scale to meet the needs of our security products and assure appropriate reliability
  • Support general troubleshooting related to information security tasks and provide support to end users as needed
  • Provide other teams with security consulting services, including responding to requests for additional information and assisting with specific projects
What we offer
What we offer
  • discretionary year-end merit bonus based on performance
  • highly competitive salary and benefits package
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

We are seeking a visionary and hands-on Principal Security Engineer to architect...
Location
Location
United States , San Antonio
Salary
Salary:
Not provided
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of progressive experience in cybersecurity
  • At least 5 years dedicated to Application Security or Cloud Security engineering
  • Deep technical proficiency in AWS, including native security services (GuardDuty, Inspector, WAF, KMS) and IAM policy architecture
  • Strong coding/scripting background
  • Must be able to read and review code in languages such as Python, Go, Java, or Node.js
  • Expert knowledge of modern application security frameworks and standards, specifically OWASP Top 10, OWASP API Security Top 10
  • Proven experience implementing and managing DevSecOps pipelines (Jenkins, GitHub Actions) and toolchains (SonarQube, Snyk, Veracode, etc.)
  • Hands-on experience with Container Security (Docker, Kubernetes) and securing serverless architectures
  • Demonstrated ability to write clear, concise technical policies and procedures
Job Responsibility
Job Responsibility
  • Draft and own technical security policies and procedures for Engineering and Product teams
  • Serve as the primary security liaison to the Engineering and Delivery teams
  • Partner with the Head of InfoSec and GRC teams to maintain our Unified Control Framework
  • Architect and mature the Secure Software Development Lifecycle (SSDLC)
  • Lead threat modeling for new features and major architectural changes
  • Manage the Vulnerability Assessment and Penetration Testing (VAPT) program
  • Act as a mentor to developers, providing "just-in-time" training on secure coding practices
  • Own the security architecture for our multi-cloud environment (AWS, Azure, GCP)
  • Pioneer our AI Security Strategy
  • Design and maintain Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP) strategies
Read More
Arrow Right

Principal Security Engineer

The Microsoft Security Analysis & Fix Engineering (SAFE) team is dedicated to bu...
Location
Location
United States , Redmond
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years of experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 6+ years of experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Investigate code vulnerabilities and generalize code patterns for detections
  • Create static code analysis rules and expressions for finding vulnerable code patterns
  • Apply static code analysis and validate results manually and using automation
  • Improve tooling used in static code analysis and results processing
  • Assist with active incident research, detection, mitigation and post-incident response
  • Embody our culture and values
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

Transform security and compliance into a scalable, engineered capability for a f...
Location
Location
Sweden , Stockholm
Salary
Salary:
Not provided
inhouse.se Logo
Inhouse AB
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Several years of experience from a senior role within IT security
  • Experience building and redesigning systems, not just running them
  • Solid experience within cloud security and security architecture
  • Comfortable owning outcomes in regulated environments
  • Focused on turning frameworks into automated, continuously running controls
  • Curious by nature, motivated by improvement
  • Excited to use automation and AI to reduce friction and increase confidence
  • Comfortable operating close to technology while communicating clearly with stakeholders
  • Ability to translate technical risk into business impact
Job Responsibility
Job Responsibility
  • Define vision for security architecture & design: Act as lead architect for security roadmap, ensuring security-by-design is embedded across platform
  • Translate complex risks into engineering requirements
  • Drive modernization and automation: Own integration of guardrails into AWS, Terraform, and CI/CD pipelines
  • Leverage automation and AI to move away from manual checks toward continuous controls
  • Take governance, risk & compliance ownership: Own information security framework including ICT policies, BIA, and BCP/DR plans
  • Ensure operations align with global standards and regulations such as NIST, SOC 2, ISO 27001, GDPR, and DORA
  • Operational Resilience & Incident Leadership: Lead technical incident response efforts
  • Proactively enhance platform reliability
  • Mature observability and automation
  • Third-party & regulatory oversight: Oversee IT and BPO providers
  • Fulltime
Read More
Arrow Right