CrawlJobs Logo
Microsoft Corporation Logo Microsoft Corporation · IT - Software Development

Security Assurance

United States, Multiple Locations 119800.00 - 234700.00 USD / Year · Job Posted January 07, 2026
Apply Position
Job Link Share

Job Description

Join a high-impact team dedicated to securing Microsoft products and services for regulated industries. This role focuses on proactive threat modeling, compliance enforcement, and driving secure-by-default principles across cloud and enterprise solutions.

Job Responsibility

  • Identify and mitigate security risks early in the development lifecycle through structured threat modeling sessions
  • Implement and validate security controls aligned with frameworks such as NIST 800-53, Secure Future Initiative (SFI), and industry regulations
  • Advocate and enforce configurations like managed identities, Defender for Cloud, and network isolation for production workloads
  • Develop scripts and leverage AI-driven tools to streamline security processes and scale threat modeling efficiency
  • Partner with engineering teams, product managers, and compliance stakeholders to embed security into design and delivery

Requirements

  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Knowledge of cloud security (Azure preferred) and enterprise security principles
  • Hands-on experience with threat modeling, secure coding practices, and compliance frameworks
  • Proficiency in PowerShell/Python scripting for automation
  • Familiarity with NIST 800-53 controls, identity management, and network security
  • CISSP or equivalent certification
  • Experience with regulated industry requirements (e.g., financial services, healthcare)
  • Exposure to AI-driven security tools and automation workflows
  • Communication and collaboration skills
  • ability to influence across teams
Microsoft Corporation - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Security Assurance

8 matching positions

New

Cyber Security Assurance Tech Lead

We are looking for a Cyber Security Assurance Tech Lead to join our team and pla...
Location
Location
Egypt , Giza
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong knowledge of security frameworks and methodologies such as MITRE ATT&CK, NIST, OWASP, and CIS Controls
  • Hands-on understanding of penetration testing methodologies for web, mobile, network, API, and cloud environments
  • Familiarity with hardening and secure configuration practices for servers, databases, operating systems, and applications
  • Experience in vulnerability assessment, risk analysis, and providing security recommendations aligned with business requirements
  • Ability to work collaboratively with cross-functional teams to identify, prioritize, and remediate security vulnerabilities
  • Strong analytical, troubleshooting, and problem-solving skills with the ability to communicate technical findings to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Perform penetration testing activities on web applications, mobile applications, networks, APIs, and cloud environments to identify security vulnerabilities and weaknesses
  • Support penetration testing activities conducted internally or through third-party vendors, ensuring proper execution and reporting
  • Conduct vulnerability assessments and security analysis, providing remediation recommendations to improve the overall security posture
  • Validate secure implementation and acceptance of new technologies, systems, and infrastructure in alignment with Vodafone security policies and standards
  • Perform regular security assurance activities on existing applications and environments to ensure continuous compliance and protection against emerging threats
  • Participate in security risk assessments for new projects and initiatives, ensuring security risks are identified and mitigated during early project phases
  • Collaborate with technical teams and business stakeholders to track and remediate penetration testing findings in a timely manner
  • Review and validate penetration testing reports, ensuring findings are properly documented with clear remediation guidance
  • Stay up to date with emerging cyber threats, vulnerabilities, attack techniques, and industry best practices to continuously improve penetration testing and security assurance capabilities
  • Fulltime
Read More
Arrow Right

Information Security & Assurance Officer

We are supporting a regional public sector organisation seeking an experienced I...
Location
Location
United Kingdom , Fradley
Salary
Salary:
40000.00 - 42500.00 GBP / Year
datacareers.co.uk Logo
DataCareers
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Information Security, Information Assurance or Governance, Risk & Compliance (GRC) environments
  • Security governance, policy, risk and assurance activities
  • Regulated public sector or similarly complex organisational settings
  • Working collaboratively across teams to support secure and compliant ways of working
Job Responsibility
Job Responsibility
  • Supporting information security governance and assurance activities
  • Security risk identification, assessment and mitigation
  • Policy development, review and compliance monitoring
  • Supporting audit and assurance processes
  • Stakeholder engagement across technical and non-technical teams
  • Promoting strong information handling and security awareness practices
  • Fulltime
Read More
Arrow Right

Security Assurance Coordinator

The Security Assurance Coordinator is responsible for coordinating and overseein...
Location
Location
United Kingdom , Farnborough
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Working knowledge of penetration testing approaches, vulnerability management processes, and common application and infrastructure risks (e.g. OWASP Top 10), sufficient to coordinate assurance activity and interpret findings
  • Experience in a coordination, assurance, or delivery-support role within IT or Cyber Security, managing multiple workstreams, dependencies, and stakeholders in parallel
  • Strong communication skills, with the ability to engage effectively with technical teams, suppliers, and senior non-technical stakeholders, translating technical outputs into clear risk-based insights
  • Knowledge of recognised security standards and frameworks (e.g. ISO 27001, NIST, NCSC CAF, JSP440) and experience supporting compliance, audit, or assurance activities
  • Ability to attain and maintain UK Security Vetting (DV) and operate effectively in regulated or high-assurance environments requiring discretion, accuracy, and strong governance
Job Responsibility
Job Responsibility
  • Coordinate the planning, scheduling, and delivery of security assurance activities, including penetration testing and vulnerability assessments, ensuring alignment to delivery plans, customer requirements, and applicable security policies
  • Act as a central point of contact between project teams, service owners, and approved third-party testing providers to define scope, prerequisites, timelines, and dependencies
  • Review and quality-check security testing outputs, supporting the translation of technical findings into clear, business-focused risk information for a range of stakeholders
  • Track identified vulnerabilities through agreed remediation processes, monitoring progress to closure, supporting retesting where required, and maintaining accurate assurance and remediation records
  • Maintain assurance evidence and artefacts to support audit, accreditation, and compliance activities, contributing to reporting against relevant standards, policies, and regulatory requirements
  • Support the continuous improvement of security testing coordination, reporting, and tracking processes to enhance consistency, transparency, and delivery efficiency
What we offer
What we offer
  • Excellent basic salary plus bonus and Vodafone benefits
  • up to 28 days off plus bank holidays
  • paid time for charity work
  • discounts
  • vouchers
  • pension plan
  • learning tools
  • parental leave policies
  • Fulltime
Read More
Arrow Right

Information Security Assurance Analyst

Information Security Assurance Analyst
Location
Location
United Kingdom , Portsmouth
Salary
Salary:
Not provided
talenthawk.com Logo
TalentHawk
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • CISM/CISSP/CCSP/TOGAF/CRISC/AWS Solution Architect or equivalent certified or willing to undergo certification on the job
  • Must have Security Clearance or be eligible for security cleared
  • Must have experience in Cloud (IaaS, Paas, SaaS)
  • Must have proven expertise in three of the following security areas: identity and access management, network security, end user security, threat modelling, Security Risk and Compliance, penetration testing
  • Must have at least 3 years’ cyber security experience
  • Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC CAF, NIST Framework, ISO 27001, ISO27005, IEC62443 etc.
  • Good understanding of Cyber Assurance Framework and experience with working with Regulators and providing compliance updates
  • The individual should be educated to degree level in a relevant discipline
Job Responsibility
Job Responsibility
  • Perform a threat modelling exercise of all projects and provide mitigating cyber security requirements to help ensure the secure delivery of compliant systems, applications and business processes
  • Review both high/low level architecture definition documents for compliance against security policies, standards and regulatory requirements, defining Cyber non-functional requirements
  • Attend Technical Design Authority (TDA meeting to provide security signoffs
  • Work within the Security Assurance team consisting of security assurance analyst / consultants providing thought leadership across several assurance functions, and helping smooth engagements with project delivery teams
  • Perform cyber security risk assessments, compliance checks, audits and reviews to ensure that appropriate security controls are in place and highlight any deficiencies and gaps for management consideration
  • Provide support in scoping and overseeing pen tests and re-tests
  • Review recommendations and collaborate with the relevant teams to support remediation efforts
  • Provide cyber security assurance activities by ensuring implemented solutions are a replica of agreed and approved architecture definition documents, helping to facilitate penetration testing, whilst providing security advice and guidance
  • Support to management, BAU and projects to comply with legal and regulatory requirements
  • Where required, propose solutions and coordinate delivery of mitigating actions to ensure risk levels are aligned with risk appetite
  • Fulltime
Read More
Arrow Right

Principal Security Assurance Engineering Manager

Microsoft’s Specialized Cloud Team in the national security, classified, and hig...
Location
Location
United States , Reston
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 6+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR equivalent experience
  • 1+ year(s) people management
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Verification of U.S. citizenship
Job Responsibility
Job Responsibility
  • Enterprise Industrial Security Leadership: Interpret, operationalize, and govern requirements under NISPOM (32 CFR Part 117), SEADs, DoD Instructions, DFARS clauses, and customer specific security directives
  • Anticipate and mitigate enterprise level risks that could jeopardize Facility Clearances (FCLs), classified contracts, or customer trust
  • Cross Organizational Governance & Influence: Drive alignment across Engineering, Operations, Datacenters, Legal (CELA), HR, Physical Security, and secure/sovereign cloud teams
  • Establish clear governance models, accountability mechanisms, and escalation paths
  • Lead high risk decision making involving regulatory exposure, personnel adjudication, insider threat concerns, and facility accreditation
  • Facility Clearance & Classified Environment Management: Provide governance and oversight for the full lifecycle of classified facilities, including SCIFs and SAPF environments
  • Ensure accreditation readiness, material change management, and sustained compliance across facilities and business units
  • Protect Microsoft’s corporate and subordinate FCL posture through proactive risk management
  • Fulltime
Read More
Arrow Right

Senior Security Assurance Engineer

Microsoft is seeking a Industrial Senior Security Assurance Engineer to support ...
Location
Location
United States , Reston
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • U.S. citizenship
  • Ability to pass Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Execute industrial security operations for assigned classified programs, SCIFs, and secure environments in accordance with NISPOM (32 CFR Part 117) and customer requirements
  • Maintain SCIF and SAPF accreditation, including Fixed Facility Checklists (FFCs), self inspections, co utilization agreements, and coordination of material changes
  • Oversee safeguarding practices including access controls, classified storage, visitor management, and security awareness activities
  • Manage personnel access requests for classified and special access programs
  • Coordinate clearance and access activities with FSOs, CPSOs, and government security offices
  • Provide guidance to employees and managers on security responsibilities, reporting obligations, and compliance expectations
  • Investigate and report security incidents, violations, and infractions in accordance with regulatory and customer requirements
  • Maintain auditable security documentation and compliance artifacts to support government inspections, reviews, and internal audits
  • Support inspections and remediation of findings within assigned authority
  • Partner with Physical Security, HR, Legal, IT, Facilities, and Program teams to resolve operational security issues impacting classified environments
  • Fulltime
Read More
Arrow Right

Principal Security Assurance Engineer

The Principal Security Assurance Engineer – Data Governance (USG Cloud) is a sen...
Location
Location
United States , Reston
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 6+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • U.S. citizenship
Job Responsibility
Job Responsibility
  • Define and maintain data governance standards, policies, and operating models for USG cloud environments
  • Establish governance controls covering data classification, ownership, stewardship, lineage, retention, residency, sovereignty, and disposal
  • Ensure alignment with Microsoft enterprise data governance principles while addressing US specific government and national security requirements
  • Operationalize data governance controls to support compliance with FedRAMP, DoD SRG, NIST SP 800 53/171, ITAR, CJIS, HIPAA, and classified customer requirements
  • Partner with legal, compliance, and security teams to translate statutory and contractual requirements into enforceable and auditable governance mechanisms
  • Support audits, assessments, and ATO activities by providing governance artifacts, evidence, and subject matter expertise
  • Fulltime
Read More
Arrow Right

Cloud Security Assurance Architect

The Cloud Security Assurance Architect will lead security assessments and archit...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or Cybersecurity
  • 6+ years in information security with cloud security focus
  • 3+ years conducting cloud security assessments and architecture reviews
  • Proven multi-cloud experience (AWS, Azure, GCP) in production environments
  • Technical Skills: AWS: Security Hub, GuardDuty, IAM Access Analyzer, KMS, CloudTrail
  • Azure: Defender for Cloud, Sentinel, Azure Policy, Key Vault
  • GCP: Security Command Center, Cloud Armor, IAM, Cloud KMS
  • Tools: Prisma Cloud, Wiz, Pacu, ScoutSuite, Prowler, Terraform
  • Cloud penetration testing and threat modeling
  • Mandatory Certifications: CISSP or CCSP
Job Responsibility
Job Responsibility
  • Lead cloud security assessments and architecture reviews across AWS, Azure, and GCP
  • Validate security implementations, provide expert guidance on cloud security posture, and support enterprise cloud transformation initiatives
  • Lead security architecture reviews for cloud-native and hybrid solutions
  • Execute cloud security assessments across AWS, Azure, and GCP environments
  • Validate designs against NIST CSF, CIS Benchmarks, and CSA CCM
  • Conduct cloud penetration testing following (CREST/CHECK methodologies)
  • Assess container/Kubernetes security, serverless and microservices implementations
  • Validate IaC security controls and CI/CD pipeline security
  • Lead compliance assessments: ISO 27017/27018, SOC 2, GDPR, NIS2, DORA
  • Assess cloud governance frameworks and CSPM implementations
What we offer
What we offer
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options
Read More
Arrow Right