Security Operations Engineer II

India, Bangalore · Job Posted February 05, 2026

Job Description

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.

The Identity & Access Management (IAM) Protect team within the CISO organization is seeking a motivated Security Operations Engineer to join our Identity Operations team. This role is focused on driving operational excellence across Microsoft Identity services, providing DRI and on-call support for production systems, and building automation to reduce undifferentiated operational work and improve reliability. The engineer will emphasize first-contact resolution, shift-left practices, and deep root-cause analysis to minimize customer disruption, while channeling operational insights and customer feedback back into IAM service teams to continuously improve reliability and experience. The ideal candidate brings foundational identity knowledge, strong analytical skills, and a passion for growing into an Identity engineering role, with an interest in leveraging AI-assisted insights to advance operational maturity over time.

Job Responsibility

  • Participate in the on-call rotation as a Designated Responsible Individual (DRI), providing dependable and timely operational support for identity services
  • Deliver day-to-day security operations support across Microsoft Entra ID and Azure Active Directory, including authentication, authorization, and directory services
  • Execute identity lifecycle operations such as access provisioning and deprovisioning, group and role management, and access governance activities
  • Troubleshoot and resolve identity-related incidents, including MFA and Conditional Access failures, SSO and token issues, service principal misconfigurations, device join problems, and directory synchronization errors
  • Monitor service health, identity logs, and alerts to proactively identify issues and maintain service reliability and security compliance
  • Investigate, triage, and mitigate production incidents with clear communication, accurate diagnosis, and timely resolution to minimize customer impact
  • Contribute to root-cause analysis and post-incident reviews, supporting follow-up actions to reduce repeat incidents
  • Develop and maintain scripts and basic automation to streamline identity operations, improve first-contact resolution, and reduce manual and repetitive work
  • Assist in building self-service and preventative solutions such as identity health checks and policy drift detection
  • Identify recurring operational issues and collaborate with engineering partners to implement automation-first improvements that reduce operational noise and incident volume
  • Work in scheduled shift and on-call rotations to provide continuous operational support for identity services

Requirements

  • 6+ years of experience in security operations, IT operations, technical support, or engineering roles supporting production systems
  • Strong understanding of identity and access fundamentals, including authentication and authorization protocols (OAuth 2.0, OIDC, SAML, certificate-based authentication) and common token flows
  • Hands-on experience with Microsoft Entra ID / Azure AD, including MFA, Conditional Access, session controls, Privileged Identity Management (PIM), and identity lifecycle operations
  • Experience supporting directory synchronization and device identity, including Entra Connect or Cloud Sync, Azure AD joined, hybrid joined, and registered devices, and how device posture influences Conditional Access
  • Working knowledge of application identity, including app registrations, delegated and application permissions, consent flows, API scopes, and identifying common configuration issues
  • Ability to analyze identity logs and telemetry, such as sign-in, audit, token, and provisioning logs, using tools like the Azure portal, KQL, Graph Explorer, Azure Monitor, or IcM
  • Demonstrated troubleshooting and automation mindset, with experience scripting or building basic automation to reduce manual work, improve support quality, and collaborate effectively with engineering and security teams

Nice to have

  • Hands-on experience administering Microsoft Entra ID / Azure Active Directory
  • Working knowledge of automation tools and source control, including Git/GitHub and CI/CD pipelines
  • Familiarity with monitoring and incident management tools such as Azure Monitor, Kusto, Grafana, and IcM
  • Strong interest in service reliability, operational discipline, and improving production support quality
  • Practical scripting experience using PowerShell and/or Python

Similar Jobs for Security Operations Engineer II

8 matching positions

Security Operations Engineer II

Microsoft 365 continues to experience incredible growth as the company focuses o...
Location: United States, Redmond
Salary: 100600.00 - 199000.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
Job Responsibility
  • Ensure accuracy and comprehensiveness in security policy, and design mitigation strategies for identified gaps
  • Collaborate with internal and external parties to ensure service level agreements are reached when addressing threats
  • Design for the customer experience by sharing best practices, interacting directly with customers, and resolving issues
  • Recommend mitigation strategies based on identified security trends
  • Analyze specific aspects of attempts to compromise systems security
  • Use monitoring techniques to identify intrusions
  • Understand how weaponized code can be used and recommend potential detections and signatures for defense capabilities
  • Design evolving common infrastructure architecture for our organization
  • Support development teams with securing applications and services
  • Stay relevant with emerging Azure features including risk and security principles
  • Fulltime

Security Operations Engineer II

We’re building the foundation for how Information Systems and Security Operation...
Location: United States, Austin
Salary: 80000.00 - 85000.00 USD / Year
Company: Astronomer
Expiration Date: Until further notice
Requirements
  • 2+ years of experience with Python (or similar scripting languages) and APIs
  • Strong troubleshooting skills across endpoints, identity/access, and collaboration platforms; owning issues through to resolution
  • Hands-on SecOps exposure using tools like EDR/SIEM/SOAR for alert triage, investigation, and incident handling (or closely related experience with the ability to ramp fast)
  • Data and analytics mindset with comfort pulling, cleaning, and analyzing operational data (tickets, alerts, logs) to guide decisions
  • Automation capability using scripting (Python or similar), APIs, and/or orchestration—building safe, auditable workflows that may leverage GenAI/ML for enrichment or decision support
  • Clear communicator who stays calm under pressure, comfortable navigating ambiguity and proposing structured solutions
  • Demonstrated curiosity and learning agility, with interest in growing across IT, security, and data/automation
Job Responsibility
  • Own Tier 2 escalations across endpoints, identity & access, collaboration tools, and core services—balancing fast resolution with long-term quality
  • Investigate root causes of recurring issues and design durable fixes that prevent repeat incidents (vs. one-off workarounds)
  • Develop secure configuration standards and baselines spanning endpoints, GenAI, orchestration, and SaaS/cloud infrastructure, and iterate on them to support scale and reliability
  • Shape incident/problem/change practices by proposing safe changes with clear rollback plans and improving how the team learns from incidents
  • Create operational documentation (knowledge base articles, runbooks, reusable patterns) that reduces escalations and uplevels the service desk
  • Triage and investigate security alerts in EDR/SIEM/SOAR, escalate effectively, and coordinate containment to recovery using playbooks with clear timelines
  • Build and improve automations + analytics (GenAI/ML workflows, scripts/APIs, dashboards) to streamline tasks like alert enrichment, ticket routing, lifecycle changes, remediation flows, and ongoing operational reporting
  • Partner on vulnerability and patch management by prioritizing issues, tracking remediation to SLAs, and verifying closure in measurable ways
What we offer
  • equity component
  • Fulltime

Senior Security Operations Engineer II

As a Senior Security Operations Engineer, you’ll play a key role in ensuring the...
Location: United States, Scottsdale
Salary: Not provided
Company: Axon
Expiration Date: Until further notice
Requirements
  • 7+ years of experience in operations, site reliability, or infrastructure engineering roles
  • Strong experience securing and managing cloud environments (e.g., AWS, Azure) and containerized workloads
  • Deep understanding of Linux systems, networking, distributed systems, and their associated security controls
  • Proficiency in automation, scripting, and security tooling integration to streamline operations and enforcement
  • Experience with security monitoring, alerting, SIEM platforms, and observability tools
  • Solid grasp of CI/CD practices with integrated security testing and compliance checks
  • Experience managing Kubernetes clusters and running containerized workloads in production
  • Experience with deploying and administrating any of the following: scalable cloud native secrets solutions such as AWS KMS, Azure KeyVault; PKI solutions such as EJBCA, Smallstep, Venafi; or vaulting solutions such as Hashicorp Vault
Job Responsibility
  • Implementing and improving automated security checks in CI/CD pipelines to prevent vulnerabilities from reaching production
  • Writing, reviewing, and maintaining security-focused infrastructure-as-code for scalable and compliant deployments
  • Investigating security incidents, performing root cause analysis, and implementing long-term mitigation strategies
  • Collaborating with developers to develop new features, services, and infrastructure requirements
  • Enhancing security observability through improved log collection, metrics, and alerting configurations
  • Maintaining and improving security runbooks, incident response playbooks, and internal security tooling for operational efficiency
  • Resolve security/infrastructure incidents by participating in high impact/high visibility incidents as a participant and ideally as an incident commander
  • Maintain and secure critical infrastructure components such as PKI (Public Key Infrastructure) and IAM (Identity & Access Management) systems, ensuring reliability, scalability, and compliance with organizational and industry security standards
  • Build and maintain secure, reliable, and scalable infrastructure that protects core services and sensitive data
  • Troubleshoot and resolve complex operational and system-level issues across environments
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime

Security Engineer II - Windows Security

The Microsoft Windows Security team is looking for a learn-it-all security engin...
Location: United States, Redmond
Salary: 100600.00 - 199000.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in security or related field
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in security or related field
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
  • 2+ years identifying vulnerabilities in operating systems and/or native (C/C++) applications
  • 5+ years of experience in a software engineering or security-related engineering
  • Public track record of relevant security research, especially around vulnerability discovery
  • Experience exploiting bugs and bypassing security mitigations in operating systems
  • Familiarity with Microsoft Windows architecture
Job Responsibility
  • Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
  • Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
  • Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
  • Leverage a broad and current understanding of security to devise new protections
  • Interact with the external security community and security researchers
  • Collaborate with product teams to improve security, and articulate the business value of security investments
  • Fulltime

Security Engineer II

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location: United States, Redmond
Salary: 102100.00 - 202200.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements for this role
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
  • Lead Threat Detection & Incident Response: Proactively identify and respond to sophisticated threats by analyzing diverse security signals, driving rapid containment, and reducing risk to critical systems and data
  • Own End-to-End Investigations: Perform deep-dive investigations into complex security events, determine scope and root cause, and drive incidents to resolution with clear documentation and action
  • Drive Cross-Functional Security Outcomes: Partner with threat intelligence, detection engineering, product teams, and researchers to translate insights into actionable improvements in detection, response, and remediation
  • Advance Detection & Response Capabilities: Identify gaps in existing detections and workflows, and contribute to building, tuning, and scaling automation and detection logic to improve coverage and efficiency
  • Enable Operational Excellence at Scale: Leverage data, analytics, and security telemetry to prioritize work, improve investigation quality, and enhance consistency across a globally distributed operations model
  • Continuously Evolve Against Emerging Threats: Stay ahead of the threat landscape by applying new techniques, tools, and intelligence to strengthen investigative depth and response effectiveness
  • Foster a Learning & Knowledge-Sharing Culture: Contribute to team growth through mentorship, documentation, and sharing best practices to elevate overall team capability and performance
What we offer
  • Certain roles may be eligible for benefits and other compensation
  • Fulltime

IAM Operations Engineer II

As an IAM Operations Engineer, you’ll support the day-to-day identity and access...
Location: Brazil, Sao Paulo
Salary: Not provided
Company: Uber
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related field
  • 6+ years of experience in Identity and Access Management (IAM) operations or IT security administration
  • Hands-on experience with Okta, Active Directory, and Azure AD administration
  • Proficiency in Python, PowerShell, or Java scripting for process automation
  • Experience with Terraform or similar Infrastructure-as-Code (IaC) principles for IAM deployment
  • Working knowledge of authentication and authorization protocols including SAML, OAuth, OIDC, and LDAP
Job Responsibility
  • Administer and maintain enterprise IAM platforms including Okta, Active Directory, Azure AD, and SailPoint IIQ to ensure global availability and security
  • Build and maintain automation scripts and bot flows using Python or PowerShell to streamline the user lifecycle, from seamless onboarding to secure de-provisioning
  • Integrate IAM workflows with AI-powered chatbots and RPA frameworks to enable self-service access, reducing manual intervention and improving response times
  • Leverage AI/ML-based insights to detect identity anomalies, enforce the principle of least privilege, and strengthen our Zero Trust architecture
  • Monitor system health and operational metrics using dashboards in Tableau or Jira to proactively identify and resolve bottlenecks before they impact the business
  • Collaborate cross-functionally with Security, IT, and Compliance teams to implement automated incident response playbooks that remediate IAM issues at scale
  • Fulltime

FedRAMP Security Engineer II

Location: United States, Raleigh
Salary: Not provided
Company: Beacon Hill
Expiration Date: Until further notice
Requirements
  • 2-4 years of experience in cybersecurity/vulnerability management
  • FedRAMP experience (ideally) or minimum exposure
  • NIST 800-53 or other similar framework experience
  • Experience tracking vulnerabilities, tracking large volumes of findings and staying organized/accurate in data
  • Understanding of continuous monitoring, system visibility and audit readiness
  • Experience improving workflows through automation or scripting (Power Automate, PowerShell, Python)
  • Bachelor’s degree
Job Responsibility
  • Execute monthly FedRAMP Continuous Monitoring activities, ensuring timely and accurate completion of deliverables
  • Maintain and update Plans of Action and Milestones (POA&Ms), including tracking remediation progress and validating closure
  • Review and analyze vulnerability scan results (e.g., Nessus) and assist with prioritization and escalation
  • Maintain an accurate, up-to-date view of vulnerability status across the environment
  • Track vulnerabilities through the full lifecycle: identification, validation, remediation, and closure
  • Monitor and report on aging vulnerabilities and SLA adherence
  • Ensure consistency between scan results, ticketing systems (e.g., ServiceNow), and POA&M records
  • Maintain continuous operational visibility into the security posture of FedRAMP systems, including vulnerabilities, assets, and control status
  • Validate that security-relevant data (scan results, logs, asset inventory, and tracking systems) is complete, accurate, and aligned across sources
  • Identify gaps in visibility (e.g., missing assets, incomplete scan coverage, inconsistent data) and escalate appropriately
  • Fulltime