CrawlJobs Logo

Security Engineer II - Red Team

https://www.microsoft.com/ Logo

Microsoft Corporation

Location Icon

Location:
United States , Redmond

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

100600.00 - 199000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world. Are you passionate about identifying and exploiting security vulnerabilities that impact hundreds of millions of users across the world? Join the Microsoft Red Team (MRT) organization, where you will emulate real-world advanced persistent threats against Microsoft. Our mission is to ensure Microsoft is prepared to face and respond to even the most determined adversaries by exploring innovative ways to identify and prevent security flaws. MRT is seeking talented individuals focused on identifying, exploiting, and emulating real-world threats against Azure, ensuring the security and resilience of one of the world's largest cloud platforms. We are looking for a Security Engineer II to execute operations and collaborate with other experienced red teamers to identify and exploit vulnerabilities across all layers of services, including application, cloud, network, hardware, and operational security domains. You will work closely with developers and security personnel from multiple teams across Microsoft. Additionally, as a Security Engineer II in MRT, you will execute the tactics, techniques, and procedures of potential attackers, providing critical insights that empower our security teams to strengthen defenses and protect against the evolving landscape of digital threats.

Job Responsibility:

  • Discover and exploit vulnerabilities end-to-end in order to assess the security of services
  • Contribute to the execution of Red Team operations using real world adversarial tactics and techniques to validate a production service's ability to detect, investigate, and respond
  • Advocate for security change across the company through building partnerships and clearly communicating impact of risks
  • Analyze a wide array of data sources, including source code, to identify potential security weaknesses and breach points within Microsoft’s infrastructure
  • Collaborate with Blue Teams to improve readiness and produce solutions for defenders and customers
  • Analyze simulated adversary tactics and communications, enriching our defensive tactics and threat intelligence
  • Leverage Artificial Intelligence and agentic approaches for vulnerability discovery and threat emulation
  • Prototype tools and techniques to scale and accelerate offensive emulation and vulnerability discovery

Requirements:

  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in security or related field
  • OR equivalent experience
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in security or related field
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • 3+ years' experience in any of the following: identifying security vulnerabilities, cyber security or related security discipline, or software engineering-related field

Additional Information:

Job Posted:
March 21, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Microsoft Corporation - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security Engineer II - Red Team

Technical Engagement Manager II

Bugcrowd is seeking a highly skilled Technical Engagement Manager II (TEM II) to...
Location
Location
Australia
Salary
Salary:
Not provided
bugcrowd.com Logo
Bugcrowd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4-6 years of experience in a customer-facing technical role such as implementation, solutions architecture, technical program management, or professional services
  • Deep knowledge of pentest, bug-bounty and red-team methodologies
  • Strong problem solving skills and ability to manage multiple projects simultaneously
  • Excellent written & verbal communication with customer facing mindset
  • Ability to work collaboratively in a cross functional environment
Job Responsibility
Job Responsibility
  • Lead the end to end technical onboarding and configuration of Bug Bounty, Vulnerability Disclosure, Red team and pentest programs for new and existing customers
  • Translate customer security requirements into tailored program designs and platform configurations
  • Conduct technical program reviews, kickoff meetings, and walkthroughs with customers and internal stakeholders
  • Troubleshoot technical issues related to platform integrations, vulnerability workflows and reporting
  • Act as a technical point of contact during program launches, ensuring smooth transitions and early success
  • Provide expert guidance on offensive security engagements, vulnerability triage, communication workflows, and integration best practices
  • Collaborate closely with the Customer Relationship Managers and sales teams to align technical delivery with customer expectations
  • Partner with Line of Business Owners, Product, Engineering and Operations team to relay customer feedback and advocate for feature enhancements
  • Assist in developing and improving internal onboarding playbooks, technical documentation, and enablement materials
  • Support continuous improvement of delivery processes to drive consistency, quality and scalability
Read More
Arrow Right

Head of Security

Sentry’s users trust us to develop, ship, and operate a secure open-source produ...
Location
Location
United States , San Francisco
Salary
Salary:
260000.00 - 350000.00 USD / Year
sentry.io Logo
Sentry
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep understanding of modern security domains with expertise in at least two of: application/product security, infrastructure security, corporate/IT security
  • 10+ years relevant experience, including 5+ years in security-focused roles and prior management experience
  • Strong technical background (CS degree or equivalent software engineering experience)
  • Proven experience building and managing security programs (bug bounty, pen testing, red teaming, secure SDLC, training)
  • Demonstrated success in SaaS security (multi-tenant architecture, cloud controls, customer-facing assurances)
  • Extensive collaboration with IT & Compliance on identity/access management, endpoint posture, and policy
  • Experience working directly with auditors (e.g., SOC 2/Type II, ISO 27001) including evidence collection, remediation planning, and closing findings
  • Self-motivated owner who can both set strategy with leadership and execute through roadmaps, metrics, and teams
Job Responsibility
Job Responsibility
  • Ensure security for our SaaS platform—establish and operate the controls, guardrails, and monitoring required for a modern, high-scale, multi-tenant cloud service
  • Partner deeply with IT & Compliance on identity and access, endpoint/security baselines, vendor risk, policy, and audits
  • drive secure-by-default corporate foundations
  • Collaborate with executive leadership to fine-tune and evolve Sentry’s security strategy, set multi-year roadmaps, and communicate risks, tradeoffs, and outcomes
  • Build application and product security programs with support from the CTO and IT/Compliance orgs, including managing external parties for penetration tests and bug bounty programs
  • Prioritize automation and tooling over manual process
  • measure outcomes and continuously reduce risk and toil
  • Partner with Recruiting to build a world-class security team across AppSec, ProdSec, and GRC capabilities
  • Influence product roadmaps and customer-facing security features (e.g., MFA, session audit tooling, data controls)
  • Explore future security-adjacent product opportunities where Sentry can add value to developers and security teams
What we offer
What we offer
  • Offers Equity
  • incentive compensation
  • equity grants
  • paid time off
  • group health insurance coverage
  • Fulltime
Read More
Arrow Right

Head of Security

Sentry’s users trust us to develop, ship, and operate a secure open-source produ...
Location
Location
United States , San Francisco
Salary
Salary:
260000.00 - 350000.00 USD / Year
sentry.io Logo
Sentry
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep understanding of modern security domains with expertise in at least two of: application/product security, infrastructure security, corporate/IT security
  • 10+ years relevant experience, including 5+ years in security-focused roles and prior management experience
  • Strong technical background (CS degree or equivalent software engineering experience)
  • Proven experience building and managing security programs (bug bounty, pen testing, red teaming, secure SDLC, training)
  • Demonstrated success in SaaS security (multi-tenant architecture, cloud controls, customer-facing assurances)
  • Extensive collaboration with IT & Compliance on identity/access management, endpoint posture, and policy
  • Experience working directly with auditors (e.g., SOC 2/Type II, ISO 27001) including evidence collection, remediation planning, and closing findings
  • Self-motivated owner who can both set strategy with leadership and execute through roadmaps, metrics, and teams
Job Responsibility
Job Responsibility
  • Ensure security for our SaaS platform—establish and operate the controls, guardrails, and monitoring required for a modern, high-scale, multi-tenant cloud service
  • Partner deeply with IT & Compliance on identity and access, endpoint/security baselines, vendor risk, policy, and audits
  • drive secure-by-default corporate foundations
  • Collaborate with executive leadership to fine-tune and evolve Sentry’s security strategy, set multi-year roadmaps, and communicate risks, tradeoffs, and outcomes
  • Build application and product security programs with support from the CTO and IT/Compliance orgs, including managing external parties for penetration tests and bug bounty programs
  • Prioritize automation and tooling over manual process
  • measure outcomes and continuously reduce risk and toil
  • Partner with Recruiting to build a world-class security team across AppSec, ProdSec, and GRC capabilities
  • Influence product roadmaps and customer-facing security features (e.g., MFA, session audit tooling, data controls)
  • Explore future security-adjacent product opportunities where Sentry can add value to developers and security teams
What we offer
What we offer
  • incentive compensation
  • equity grants
  • paid time off
  • group health insurance coverage
  • Fulltime
Read More
Arrow Right

Security Engineer II

Are you passionate about identifying and exploiting security vulnerabilities tha...
Location
Location
United States , Redmond
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in security or related field
  • OR equivalent experience
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in security or related field
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • 2+ years of experience in any of the following: Identifying Security vulnerabilities, Cyber Security, Full Stack Development, Systems Administration or related security discipline
Job Responsibility
Job Responsibility
  • Discover and exploit vulnerabilities end-to-end in order to assess the security of services
  • Contribute to the execution of Red Team operations using real world adversarial tactics and techniques to validate a production service's ability to detect, investigate, and respond
  • Advocate for security change across the company through building partnerships and clearly communicating impact of risks
  • Analyze a wide array of data sources to identify potential security weaknesses and breach points within Microsoft’s infrastructure
  • Prototype tools and techniques to scale and accelerate offensive emulation and vulnerability discovery
  • Collaborate with Blue Teams to improve readiness and produce solutions for defenders and customers
  • Analyze simulated adversary tactics and communications, enriching our defensive tactics and threat intelligence
  • Embody our Culture and Values
  • Fulltime
Read More
Arrow Right

Applied Data Scientist II

Our team builds the intelligence layer that powers Microsoft’s next‑generation s...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in CS, Data Science, EE, Mathematics or related field AND 4+ years of hands-on DS/ML experience OR Master’s degree AND 1+ years experience
  • Strong proficiency in Python, ML frameworks (PyTorch/TensorFlow), and data processing libraries
  • Experience with ML techniques such as: gradient-boosted models, supervised/unsupervised learning, embeddings, clustering, anomaly detection
  • Experience querying & analyzing large datasets using Kusto, SQL, Spark, or equivalent data engines
  • Strong fundamentals in probability, statistics, and algorithmic thinking
  • Ability to write clean, reliable research code and communicate findings clearly
Job Responsibility
Job Responsibility
  • Machine Learning & Modeling: Develop supervised and unsupervised ML models for anomaly detection, fraud/threat pattern discovery, alert classification, confidence scoring, and signal fidelity improvements
  • Build and maintain feature pipelines over multi-modal security telemetry (identity, endpoint, network, cloud)
  • Apply graph-focused ML techniques (graph embeddings, GNNs, similarity scoring, relationship modeling)
  • Graph Reasoning & Analytics: Contribute to graph construction logic, schema evolution, and ontology-driven enrichment for Verdict Net, Verdict Propagation, Campaign Graphs, and Vortex insights
  • Implement graph traversal, multi-hop reasoning, and cluster detection algorithms to surface hidden attack patterns
  • Participate in performance optimization and health management of large-scale threat graphs
  • Data Engineering & Experimentation: Analyze large, noisy, high-dimensional security datasets using ADX/Kusto, Spark, and distributed compute platforms
  • Run A/B experiments, offline evaluations, and benchmark models to continually improve detection quality
  • Build high-quality research code and prototypes that transition smoothly to engineering teams for productionization
  • Cross-Functional Impact: Collaborate with detection engineering, threat research, product teams and red teams to integrate ML outcomes into real-world protection experiences
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Specialist

Seeking a Senior Cybersecurity Specialist that is able to work with a dynamic te...
Location
Location
United States , Boston
Salary
Salary:
Not provided
mcdean.com Logo
M.C. Dean, Inc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Top Secret clearance with the ability to obtain
  • U.S. Citizenship
  • Bachelor’s Degree in Computer Science, Engineering, Information Technology, or Cybersecurity Discipline preferred
  • 12+ years of demonstrated experience in Information Security
  • Good working knowledge of both DoD and Federal Government Cybersecurity/Information Assurance Security policies and procedures
  • 9+ years of applicable experience with a Master's Degree
  • 15+ years of applicable experience with an Associate's Degree
  • Demonstrated experience leading Cybersecurity Teams
  • Demonstrated experience with combined Risk Management Framework (RMF) and/or other system authorization and accreditation processes and NIST 800-53 controls
  • Demonstrated experience accrediting systems using Enterprise Mission Assurance Support Service (eMASS)/Xacta or similar, McAfee Host Based Security System (HBSS) or similar, and Nessus
Job Responsibility
Job Responsibility
  • Manage a team of engineers, analysts, and cybersecurity specialists
  • Be the contract Subject Matter Expert (SME) all matters related to Cybersecurity and the Risk Management Framework (RMF), and cyber compliance/tools (e.g., eMASS/XACTA, Nessus, HBSS, Splunk, etc.)
  • Drive team awareness of newly emerging Department of Defense cyber requirements
  • Bring forward suggestions on potential new cybersecurity related tools that will drive automation of team processes
  • Ensure Risk Assessments, Exemption/Exception requests and RMF Packages meet compliance
  • Ensure team is monitoring, reporting, and assessing Cyber compliance for all Operations and Infrastructure on schedule and in accordance with government policies
  • Ensure team maintenance, monitoring, reporting, and assessment of Cyber compliance on all security tools and technology
  • Ensure team is monitoring, reporting, and assessment of Cyber internal and external policy compliance
  • Work to mitigate risk across security system’s infrastructure
  • Interface daily with program management, operations, and engineers leads
What we offer
What we offer
  • Medical, dental, vision, life, and disability insurance
  • Paid time off
  • Tuition reimbursement
  • 401k Retirement Plan
  • Military Reserve pay offset
  • Paid maternity leave
  • Professional and technical training programs
  • Leadership training
  • Fulltime
Read More
Arrow Right

Security Researcher II

We are Cloud Threat protection Research team within Microsoft Threat Protection,...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in cybersecurity, with strong hands-on understanding of the modern attacker kill chain, MITRE ATT&CK framework, and evolving cloud-based threats, including attacks targeting Enterprise Apps, and emerging AI-driven applications
  • Proven experience securing cloud and containerized environments, with hands‑on knowledge of Azure, AWS, and/or GCP, and technologies such as Kubernetes, container platforms, Storage, Key Vault, DNS and cloud services
  • Deep knowledge of adversary tooling, red team frameworks, and attacker techniques, with the ability to analyze, simulate, and interpret real-world attacker behaviors across cloud ecosystems
  • Proficiency in at least one programming language (e.g., Python, C, or C++) for building research prototypes, internal tools, automation, or detection logic
  • Strong proficiency in query languages such as KQL, SQL, or Cypher for large-scale telemetry analysis, threat hunting, behavioral investigations, and detection validation
  • Experience working with large-scale datasets to support detection development, proactive threat hunting, behavioral analytics, and signal quality improvement
  • Strong collaboration and communication skills, with the ability to clearly articulate research insights, influence product and engineering decisions, and work effectively with partner teams, including Engineering, Data Science, and incident response stakeholders
  • Bachelor’s or Master’s degree in Computer Science, Engineering, or a related technical discipline, or equivalent practical experience in security research or threat detection
Job Responsibility
Job Responsibility
  • Research real‑world hybrid threats across cloud services, end point, identity and AI systems
  • Analyze live attacker behavior and production incidents to build high‑signal detections
  • Design multi‑cloud and enterprise protections that ship in Microsoft Defender
  • Collaborate closely with product, engineering, and global research teams to turn ideas into impact
  • Partner with strong in‑house AI teams to advance AI security, detection quality, and explainability
  • Build innovative tools, automation, and research prototypes at global scale
  • Operate in a high‑trust, ownership‑driven team culture that values technical depth and innovation
  • Fulltime
Read More
Arrow Right

Field Chief Security Officer

Glean is seeking a Field CSO to serve as Glean’s executive, customer‑facing secu...
Location
Location
United States , Palo Alto
Salary
Salary:
260000.00 - 320000.00 USD / Year
glean.com Logo
Glean
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years in information security with executive‑level customer engagement
  • former CISO/CSO, Deputy CISO, Security Architect/Strategist, or advisory CISO experience strongly preferred
  • Deep command of enterprise security and cloud/SaaS controls: identity/SSO, least‑privilege, encryption at rest/in transit, key management, audit logging/SIEM, data residency/sovereignty, and third‑party risk
  • Hands‑on familiarity with major frameworks and regulatory needs: SOC 2 Type II, ISO 27001, GDPR/DPAs, HIPAA, and public sector expectations (e.g., TX‑RAMP
  • familiarity with FedRAMP requirements helpful)
  • Demonstrated experience guiding customers through DPIAs/PIAs, vendor assessments, and contractual security annexes
  • ability to compress complex risk into clear executive decisions
  • Practical understanding of AI/LLM security risks and mitigations: retrieval‑augmented generation (RAG) security, prompt injection defenses, jailbreak resistance, model access policies, and agent guardrails aligned to source permissions
  • Exceptional communication and storytelling skills with C‑suite and boards
  • proven impact in late‑stage deals and customer expansions
Job Responsibility
Job Responsibility
  • Act as the primary executive security advisor for named strategic accounts, partnering with Sales, SE, and CS to shape security strategy, deployment patterns, and program design for Glean’s Work AI platform
  • Lead and expedite security due diligence: DPIAs/PIAs, vendor risk assessments, data flow documentation, LLM‑related risk mitigations, and control mapping to frameworks (e.g., SOC 2, ISO 27001, HIPAA, GDPR, FedRAMP‑adjacent asks, TX‑RAMP)
  • Build compelling risk narratives and decision memos for C‑suite and Boards that connect security, privacy, and compliance outcomes to measurable business value and adoption
  • Serve as an executive “title match” in late‑stage cycles
  • join roadmap and architecture reviews to clear risk blockers and accelerate time‑to‑value
  • Publish and present Glean’s AI security and governance point of view (talks, webinars, whitepapers, playbooks), with pragmatic guidance on topics like single‑tenant SaaS, customer‑hosted deployments, data residency, encryption and key management, permissions mirroring, and agent guardrails
  • Develop reusable artifacts for the field: RFP/RFI security templates, reference architectures, policy/control mappings, DPIA/PIA kits, incident communications templates, SIEM export and audit logging guides
  • Partner with Glean Product, Security/Privacy, and Legal on “voice of customer” for features and policies (e.g., residency, SIEM/audit integrations, data lifecycle, model controls, red‑teaming, prompt‑injection defenses, allow/deny model policies)
  • Co‑design adoption and governance programs with customer security, IT, data, and privacy teams, including role‑based access, retention, redaction, secrets and PII controls, and ongoing audit practices
  • Advise on AI governance operating models: risk tiering for use cases, human‑in‑the‑loop controls, evaluation gates, and production guardrails for agents and workflows
What we offer
What we offer
  • Medical, Vision, and Dental coverage
  • generous time-off policy
  • opportunity to contribute to your 401k plan
  • home office improvement stipend
  • annual education and wellness stipends
  • vibrant company culture through regular events
  • healthy lunches daily
  • Fulltime
Read More
Arrow Right