Security Assurance Engineer

United States, Redmond 100600.00 - 199000.00 USD / Year · Job Posted March 22, 2026
Job Description

Security Governance & Compliance in the office of the dCISO (Deputy Chief Information Security Officer) for Governance and Trust puts people at the center of its mission. We focus on enabling secure, compliant, and resilient operations across government cloud environments. We move fast, prioritize automation, and stay focused on delivering measurable value to all stakeholders. Our team brings together individuals from diverse backgrounds, experiences, and disciplines, each contributing to how we assess risk, enforce policy, and drive accountability. That diversity strengthens our ability to navigate complexity, collaborate effectively, and deliver outcomes that reflect the needs of the environments, customers and other stakeholders that we support.

Do you have a passion for security and get excited about impacting some of the largest and most complex security challenges Microsoft faces in the enterprise today? Are you looking to join a fast-paced, dynamic, and diverse team? Our team is a dynamic organization chartered with providing security assurance services to Microsoft’s enterprise to help effectively identify and mitigate security risks. We are a high energy, highly collaborative team.

As the Security Assurance Engineer you will work across teams and service lines to execute on our strategy for providing end-to-end security assurance. This includes application security assessments for a broad portfolio of apps and services. You will be expected to contribute to performing assessments as well as helping manage the business and alignment with compliance requirements. You will have the opportunity to work with engineering teams throughout the development cycle to influence secure design and continuous security of these services. This role will require cross divisional partnership with engineering teams, Corporate, External, and Legal Affairs (CELA), CISO organization, Global Trade, and the National Security Team among others.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Job Responsibility

  • Lead cross-functional and cross-team projects, ensuring timely and within-budget completion
  • Collaborate with engineering teams to drive technical projects and deliver innovative solutions
  • Provide security training and develop incident response processes to handle multi-dimensional incidents
  • Ensure data integrity and compliance with contractual requirements
  • Communicate effectively with stakeholders, including government agencies, to ensure alignment and compliance with regulations
  • Identify and mitigate security vulnerabilities and risks through analytical problem-solving and strategic decision-making
  • Embody our company's Culture and Values

Requirements

  • Master's Degree in Engineering, Product/Technical Program Management, Data Analysis, Product Development or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Engineering, Product/Technical Program Management, Data Analysis, Product Development, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter
  • Citizenship & Citizenship Verification: This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport

Nice to have

  • 6+ years of experience managing cross-functional and/or cross-team projects
  • Experience working in a similar role within the technology or defense industry
  • Ability to obtain and maintain a United States Security Clearance
  • 2+ years experience managing cross-functional and/or cross-team projects
  • 2+ years experience running or supporting enterprise scale services or platforms within a distributed cloud environment
  • 3+ years of demonstrated experience in agile development practices, security operations, threat modeling, or other security practices
  • 2+ years of experience supporting highly regulated federal environments under FedRAMP, FAR/DFARS, CMMC, and ITAR regulations

Similar Jobs for Security Assurance Engineer

8 matching positions

Risk Engineer (Security Assurance)

Hybrid Global Automotive Tech International Environment
Location: Japan, Tokyo (23 wards)
Salary: 8000000.00 - 12000000.00 JPY / Year
Randstad
Expiration Date: September 29, 2026
Requirements
  • 6+ years’ experience in Information Security
  • Experience in technical security, securing products incorporating emerging technologies like IoT, AI, Automotive operating systems
  • Experience with risk management, risk assessments and risk assessment methodologies/standards (NIST SP800-30, CIS RAM, etc)
  • Experience with regulatory compliance and information security management frameworks (e.g., ISO27001/ISO27002, NIST CSF, CMMC)
  • Technical expertise in the security field and experience with security architecture and ability to challenge risk assessments on the technical side
  • Experience with multiple risk assessment methods including threat modeling (STRIDE, etc)
  • High level of independence and autonomy in leading and performing engagements, including conducting interviews, with a complex set of corporate stakeholders
  • Experience in technical assessments of networks, operating systems, cloud environments, etc.
  • Excellent written and verbal communication skills
What we offer
  • Health insurance
  • Employees' pension insurance
  • Employment insurance
  • Saturday
  • Sunday
  • Public holidays
  • Fulltime

Senior Security Assurance Engineer

Microsoft is seeking an Industrial Senior Security Assurance Engineer to support ...
Location: United States, Reston
Salary: 119800.00 - 234700.00 USD / Year
Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • U.S. citizenship
  • Ability to pass Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
  • Execute industrial security operations for assigned classified programs, SCIFs, and secure environments in accordance with NISPOM (32 CFR Part 117) and customer requirements
  • Maintain SCIF and SAPF accreditation, including Fixed Facility Checklists (FFCs), self-inspections, co-utilization agreements, and coordination of material changes
  • Oversee safeguarding practices including access controls, classified storage, visitor management, and security awareness activities
  • Manage personnel access requests for classified and special access programs
  • Coordinate clearance and access activities with FSOs, CPSOs, and government security offices
  • Provide guidance to employees and managers on security responsibilities, reporting obligations, and compliance expectations
  • Investigate and report security incidents, violations, and infractions in accordance with regulatory and customer requirements
  • Maintain auditable security documentation and compliance artifacts to support government inspections, reviews, and internal audits
  • Support inspections and remediation of findings within assigned authority
  • Partner with Physical Security, HR, Legal, IT, Facilities, and Program teams to resolve operational security issues impacting classified environments
  • Fulltime

Principal Security Assurance Engineer

The Principal Security Assurance Engineer – Data Governance (USG Cloud) is a sen...
Location: United States, Reston
Salary: 139900.00 - 274800.00 USD / Year
Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 6+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • U.S. citizenship
Job Responsibility
  • Define and maintain data governance standards, policies, and operating models for USG cloud environments
  • Establish governance controls covering data classification, ownership, stewardship, lineage, retention, residency, sovereignty, and disposal
  • Ensure alignment with Microsoft enterprise data governance principles while addressing US-specific government and national security requirements
  • Operationalize data governance controls to support compliance with FedRAMP, DoD SRG, NIST SP 800-53/171, ITAR, CJIS, HIPAA, and classified customer requirements
  • Partner with legal, compliance, and security teams to translate statutory and contractual requirements into enforceable and auditable governance mechanisms
  • Support audits, assessments, and ATO activities by providing governance artifacts, evidence, and subject matter expertise
  • Fulltime

Software Security & Assurance Engineer

As our first Software Assurance Engineer, you are the hands-on architect of our ...
Location: Germany, Ottobrunn
Salary: Not provided
Isar Aerospace
Expiration Date: Until further notice
Requirements
  • 5+ years of hands-on experience in a technical role that blends Software Development, Quality Assurance, or Application/Product Security
  • Proven track record of building and implementing a secure SDLC
  • Hands-on experience selecting, deploying, and integrating AppSec tools (SAST, DAST, SCA) into a modern CI/CD pipeline (e.g., GitLab CI, Jenkins)
  • Demonstrable experience in designing, building, and managing automated QA testing frameworks (e.g., Selenium, Playwright, pytest, Robot Framework)
  • Proficiency in at least one programming language (like Python, Go, C++, or C#) and extensive scripting experience
  • Fluent and professional communication skills in English are mandatory
  • Proficiency in German is a significant plus
Job Responsibility
  • Architect our Secure SDLC: Design, implement, and operate our technical Secure Software Development Lifecycle (SSDLC) framework
  • Build the DevSecOps Pipeline: Lead the selection, implementation, and integration of our Application Security (AppSec) toolchain (SAST, DAST, SCA)
  • Build the Quality Framework: Architect, build, and maintain the frameworks for automated functional and regression testing
  • Manage Software Vulnerabilities: Lead the technical vulnerability management process for all in-house and third-party code
  • Drive Secure Coding Practices: Serve as the 'Security Champion' within engineering, providing expert consultation, training, and documentation
  • Support Product Security Compliance (CRA): Act as the technical lead for our compliance with the EU Cyber Resilience Act (CRA)
What we offer
  • Employee Participation Program: Share in our success through our virtual company share program
  • 30 days of vacation
  • Company pension plan: Secure your future with our company pension plan, featuring a 20% employer contribution after the probation period
  • Subsidised lunch: Stay energised with delicious, subsidised lunches every day
  • Public transport ticket: Commute with ease using a fully financed Deutschlandticket
  • Sport Clubs membership: Stay fit with our sponsored sports club memberships (EGYM Wellpass)
  • Individual learning allowance: Grow your skills with an individual learning budget granted after the probation period
  • Childcare allowance: Receive a childcare allowance for your non-school-age children

System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location: United States, Tampa
Salary: Not provided
Barbaricum
Expiration Date: Until further notice
Requirements
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 5+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity

Senior System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location: United States, Tampa
Salary: Not provided
Barbaricum
Expiration Date: Until further notice
Requirements
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 10+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity

Senior System Security and Information Assurance Engineer

The Senior PAM Engineer will play a critical role within Line of Effort 2, respo...
Location: United States, Tampa
Salary: Not provided
Barbaricum
Expiration Date: Until further notice
Requirements
  • Active DoD Top Secret clearance with SCI eligibility
  • Master’s degree (MA/MS) in Cybersecurity, Information Technology, Computer Science, Engineering, or related field
  • 10+ years of professional experience in cybersecurity, systems engineering, or information assurance
  • Meets Cyber Engineer – Senior labor category requirements, including independent execution of all functional duties and support to mission-critical program elements
  • DoD 8570 IAT Level II certification or higher (e.g., Security+ CE, CCNA Security)
  • Deep expertise in Privileged Access Management (PAM) architectures and Zero Standing Privilege concepts
  • Hands-on experience implementing Just-In-Time (JIT) access workflows
  • Experience integrating PAM solutions with Active Directory, SIEM platforms (Splunk), and Identity Governance (IGA) tools
  • Experience producing technical documentation to support RMF and ATO processes (LLDs, SSPs, SOPs)
  • Ability to lead or oversee the efforts of less senior staff as required by program needs
Job Responsibility
  • Lead the installation, configuration, and technical implementation of an enterprise Privileged Access Management (PAM) solution (Delinea-focused) across multiple network enclaves
  • Discover, inventory, and onboard privileged user, administrator, and service accounts into a secure credential vault
  • Design and enforce policies for Just-In-Time (JIT) access, session monitoring, and session recording to achieve zero standing privileges
  • Develop scripts and API-based integrations between the PAM solution, Splunk SIEM, and Identity Governance (IGA) platforms
  • Support RMF accreditation activities by developing Low-Level Design (LLD) documents, System Security Plans (SSPs), and Standard Operating Procedures (SOPs)
  • Support Authority to Operate (ATO) efforts through security control implementation and technical validation
  • Lead enterprise rollout of PAM policies from pilot groups to full operational enforcement
  • Collaborate with Zero Trust architects, identity teams, and cyber engineers to ensure alignment with enterprise security architecture

Information Systems Security Engineer 3 (FORECASTED)

The Information Systems Security Engineer (ISSE) conducts and reviews technical ...
Location: United States, Annapolis Junction
Salary: 189000.00 - 260000.00 USD / Year
Columbia Technology Partners
Expiration Date: Until further notice
Requirements
  • Twenty (20) years as an ISSE on programs of similar scope, type, and complexity
  • Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or a related discipline
  • DoD 8570 IASAE Level 3 compliance
  • Both ISSEP and CISSP certifications
  • U.S. Citizenship is required for all applicants
  • DOD 8570 Certification
  • This position requires an active Security Clearance with appropriate Polygraph
Job Responsibility
  • Perform or review technical security assessments to identify vulnerabilities and ensure IA compliance
  • Validate, verify, and define system security requirements and designs
  • Design, develop, implement, and integrate IA/security systems and components across networked and multi-enclave environments
  • Embed IA into systems deployed to operational environments
  • Assist architects and developers with applying appropriate information security functionality
  • Support the development and maintenance of secure system architectures
  • Enforce trusted relationships among internal and external systems and architectures
  • Assess and mitigate security threats and risks throughout the program lifecycle
  • Contribute to security planning, assessments, risk analysis, and risk management activities
  • Review Certification and Accreditation (C&A) documentation for completeness and compliance
What we offer
  • Medical: CTP offers 3 superior plans, bringing our employees both in-network and out-of-network options
  • Vision + Dental: Both free to you + paid in full by CTP
  • Retirement: 401k - 6% company contribution
  • PTO + Leave: A work life balance is extremely important to our team here at CTP, which is why our paid time off plans are so lucrative. Offering customizable leave plans to meet your needs is just one of our many perks! Jury Duty, Bereavement + Military Leave provided
  • Career Growth: Up to $10,000 provided for approved career-related learning, training, education, and/or tuition
  • Life and AD&D Insurance/Short-Term & Long-Term Disability: More peace of mind, at zero cost to you
  • Profit Sharing Bonus: End of year cash gets added to your bottom-line
  • Referral Bonus Program: Our tiered program provides an incentive with each stage of the hiring process your referral passes. Our bonuses range from $7,000-$20,000, if your referral joins the team
  • Fulltime