CrawlJobs Logo
Microsoft Corporation Logo Microsoft Corporation · IT - Administration

Senior Security Assurance Engineer

United States, Reston 119800.00 - 234700.00 USD / Year · Job Posted March 21, 2026
Apply Position
Job Link Share

Job Description

Microsoft is seeking a Industrial Senior Security Assurance Engineer to support classified U.S. Government programs and secure cloud operations. This role is responsible for the operational execution and day to day oversight of industrial security requirements for assigned programs and facilities, ensuring compliance with the National Industrial Security Program Operating Manual (NISPOM) and customer security directives. The Industrial Senior Security Assurance Engineer serves as a trusted security partner to program teams and corporate security stakeholders, ensuring inspection readiness, compliance execution, and protection of Microsoft’s classified work and customer trust.

Job Responsibility

  • Execute industrial security operations for assigned classified programs, SCIFs, and secure environments in accordance with NISPOM (32 CFR Part 117) and customer requirements
  • Maintain SCIF and SAPF accreditation, including Fixed Facility Checklists (FFCs), self inspections, co utilization agreements, and coordination of material changes
  • Oversee safeguarding practices including access controls, classified storage, visitor management, and security awareness activities
  • Manage personnel access requests for classified and special access programs
  • Coordinate clearance and access activities with FSOs, CPSOs, and government security offices
  • Provide guidance to employees and managers on security responsibilities, reporting obligations, and compliance expectations
  • Investigate and report security incidents, violations, and infractions in accordance with regulatory and customer requirements
  • Maintain auditable security documentation and compliance artifacts to support government inspections, reviews, and internal audits
  • Support inspections and remediation of findings within assigned authority
  • Partner with Physical Security, HR, Legal, IT, Facilities, and Program teams to resolve operational security issues impacting classified environments
  • Serve as the primary security advisor to assigned program teams
  • Escalate systemic risks, policy interpretation issues, and compliance concerns to senior security leadership
  • Contribute to the improvement of classified security processes, tools, and training
  • Stay current on government security policies, directives, and customer requirements impacting assigned programs
  • Embody our culture and values

Requirements

  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • U.S. citizenship
  • Ability to pass Microsoft Cloud background check upon hire/transfer and every two years thereafter

Nice to have

  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 6+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection (enterprise experience)
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 8+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection (enterprise experience)
  • OR equivalent experience
  • 5-10 years experience
Microsoft Corporation - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Security Assurance Engineer

8 matching positions

Senior System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 10+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility
Job Responsibility
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity
Read More
Arrow Right

Senior System Security and Information Assurance Engineer

The Senior PAM Engineer will play a critical role within Line of Effort 2, respo...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Top Secret clearance with SCI eligibility
  • Master’s degree (MA/MS) in Cybersecurity, Information Technology, Computer Science, Engineering, or related field
  • 10+ years of professional experience in cybersecurity, systems engineering, or information assurance
  • Meets Cyber Engineer – Senior labor category requirements, including independent execution of all functional duties and support to mission-critical program elements
  • DoD 8570 IAT Level II certification or higher (e.g., Security+ CE, CCNA Security)
  • Deep expertise in Privileged Access Management (PAM) architectures and Zero Standing Privilege concepts
  • Hands-on experience implementing Just-In-Time (JIT) access workflows
  • Experience integrating PAM solutions with Active Directory, SIEM platforms (Splunk), and Identity Governance (IGA) tools
  • Experience producing technical documentation to support RMF and ATO processes (LLDs, SSPs, SOPs)
  • Ability to lead or oversee the efforts of less senior staff as required by program needs
Job Responsibility
Job Responsibility
  • Lead the installation, configuration, and technical implementation of an enterprise Privileged Access Management (PAM) solution (Delinea-focused) across multiple network enclaves
  • Discover, inventory, and onboard privileged user, administrator, and service accounts into a secure credential vault
  • Design and enforce policies for Just-In-Time (JIT) access, session monitoring, and session recording to achieve zero standing privileges
  • Develop scripts and API-based integrations between the PAM solution, Splunk SIEM, and Identity Governance (IGA) platforms
  • Support RMF accreditation activities by developing Low-Level Design (LLD) documents, System Security Plans (SSPs), and Standard Operating Procedures (SOPs)
  • Support Authority to Operate (ATO) efforts through security control implementation and technical validation
  • Lead enterprise rollout of PAM policies from pilot groups to full operational enforcement
  • Collaborate with Zero Trust architects, identity teams, and cyber engineers to ensure alignment with enterprise security architecture
Read More
Arrow Right

Information Systems Security Engineer Senior Level

ITC is a Woman Owned Small Business delivering exceptional consultation to the U...
Location
Location
United States , Ft. Meade
Salary
Salary:
Not provided
seekintegrity.com Logo
Integrity Technology Consultants
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • TS/SCI with FSP Polygraph. CI Poly allowed to start.
  • Twenty (20) years’ experience as an ISSE on programs and contracts of similar scope, type, and complexity is required. Bachelor' s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required.
  • DoD 8570 compliance with IASAE Level 3 is required Both Information Systems Security Engineering Professional (ISSEP) and CISSP Certifications are required.
  • A Master's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline may be substituted for two (2) years of experience, reducing the requirement to eighteen (18) years of experience.
  • Four (4) years of additional ISSE experience may be substituted for a bachelor ' s degree.
Job Responsibility
Job Responsibility
  • Assist with the development and maintenance of all necessary C&A documents
  • Provide coordination, tracking, and management through all aspects of the initial and recurring C&A processes.
  • Conduct independent assessments of all required security controls including interviews, examinations, and testing and prepare the assessment findings report.
  • Work with system owners to resolve findings and answer questions.
  • Perform cybersecurity review and validation services for cybersecurity authorization deliverables and record results.
  • Support the Risk Management Framework (RMF) process using applicable tools.
  • Continuous monitoring and plans of action and milestones (POA&M) management.
  • Assessing systems deployed in Test Infrastructures
  • Provide analytical, communication and troubleshooting skills that enable proactive and effective collaboration, including the ability to clearly articulate status and present to both customers and program leadership.
  • Supporting planning and testing for Certification and Accreditation processes and (Secure the Enterprise/Secure the Network (STE/STN), High Value Asset (HVA) requirements for all System security plans
What we offer
What we offer
  • 401K plan with company contributions (safe harbor and profit sharing)
  • 11 Federal holidays, 21 Days PTO
  • Medical, Dental, & Vision with substantial company contributions
  • Company provided Life, LTD and STD Insurance
  • Health Savings Accounts/ Flexible Spending Accounts
  • Referral Bonuses
  • Performance Bonuses
  • Tuition Assistance for Education, Training, and Professional certifications
  • Career Development
  • Fulltime
Read More
Arrow Right

Information Security Senior Engineer

To lead the organisation’s security assurance and standards capability. The role...
Location
Location
United Kingdom , Coventry
Salary
Salary:
70000.00 - 78000.00 GBP / Year
the-mtc.org Logo
Manufacturing Technology Centre
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in information security assurance, governance or audit‑facing security roles
  • Strong understanding of network security principles and the ability to challenge and validate technical designs
  • Led enterprise classification approach, technically and assured
  • Demonstrable experience supporting customer audits and completing security questionnaires & bid assurance responses
  • Ability to produce clear, evidence‑led documentation that stands up to scrutiny
  • Strong influencing and communication skills
  • Self‑starting approach with high ownership
Job Responsibility
Job Responsibility
  • Own the interpretation and day‑to‑day operation of relevant standards and assurance frameworks (Defence, CE/CE+)
  • Maintain an evidence library and control narratives suitable for customer audits and formal assessments
  • Lead responses to customer security audit requests and new business Security Assurance Questionnaires (SAQs), working closely with technical colleagues
  • Strengthen the organisation’s network security assurance capability: challenge designs, validate controls, and support secure integration into enterprise facilities
  • Coordinate internal assurance activities supporting annual Cyber Essentials Plus including readiness reviews, remediation tracking and evidence pack quality
  • Support incident response governance: ensure playbooks, communications templates and post‑incident learning are maintained
  • Contribute to the cyber security communications channel: support awareness campaigns, targeted briefings and lessons‑learned messaging
  • Support the maintenance of ITSM, and address security governance and design related tickets
  • Play an active role in maintaining & contributing to Security related Dev Ops
What we offer
What we offer
  • Excellent Pension Scheme
  • Flexible Working
  • Fulltime
Read More
Arrow Right

Satellite Communications System Security Engineer, Senior

As a Satellite Communications Systems Security Engineer, you will identify the n...
Location
Location
United States , Fort Meade
Salary
Salary:
77600.00 - 176000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience implementing, testing, and validating STIGs, performing system self‑assessments, and creating STIG checklists
  • 7+ years of experience executing IAVM actions, such as IAVA alerts, bulletins, or tasking orders, and developing compliant engineering responses
  • 7+ years of experience deploying and validating ESS, ACAS, and CMRS, analyzing ACAS scans, developing remediation strategies, and implementing patches and upgrades
  • 7+ years of experience reviewing cybersecurity and engineering change requests to ensure operational availability and compliance
  • Knowledge of RMF and its application to networks and IT systems, such as Cisco routers, switches, Active Directory, or access control
  • Ability to manage users in Windows or Linux and administer VMs in VMware or Hyper‑V
  • Ability to accredit and secure DoD systems using RMF, perform IAVA analysis, document POA&Ms, and prepare security assessment artifacts
  • Top Secret clearance
  • Bachelor’s degree in Science, Technology, or Engineering
  • Security+ Certification
Job Responsibility
Job Responsibility
  • Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management
  • Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises
  • Perform risk and vulnerability assessments in network, system, and application areas and leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise
  • Participate in the development of test strategies and conduct of testing, validating, and implementing applicable STIG requirements for current or new systems
  • Conduct periodic self-assessments of systems to ensure STIG compliance and create STIG checklists to support periodic self-assessments
  • Perform Information Assurance Vulnerability Management (IAVM) activities such as IA vulnerability alerts, bulletins, and tasking orders and develop a systematic approach for responses to IAVM related issues to maintain system compliance
What we offer
What we offer
  • health, life, disability, financial, and retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program
Read More
Arrow Right

Senior Security Engineer

The Security Remote Technical Support Engineer (L2) is a developing engineering ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or equivalent in Information Technology or Computing or related field
  • Professional level Certification in Different Networking Technologies Like Cisco, Juniper, Checkpoint, PaloAlto, Fortinet, Aruba, BlueCoat, ZeeScaler 5 such as CCNP, JNCIP, ACCP, PCNSP, CCSP etc
  • Moderate level experience in Security technologies such as Firewall, IPS, IDS, Proxy etc
  • Moderate level experience in technical support to clients
  • Moderate level experience in diagnosis and troubleshooting
  • Moderate level experience providing remote support in Security technologies
  • Moderate level experience in relevant technology
  • Working knowledge of technical documentation
  • Knowledge on management agent concepts, redundancy concepts and remote console architecture within supported technical domain
  • Knowledge of vendor technologies, such as Cisco, Microsoft, ARC, Audio Codes, PeterCOnnect, Sonus
Job Responsibility
Job Responsibility
  • Maintains the support process and ensures that requests for support are handled according to the procedures
  • Use service assurance software and tools to investigate and diagnose problems, collect performance statistics and create reports, working with users, other staff and suppliers as appropriate
  • Identifies and resolves problems following agreed procedures
  • Carries out agreed maintenance tasks
  • Ensures usage of knowledge articles in incident diagnosis and resolution and assist with updating as and when required
  • Performs defined tasks to monitor service delivery against service level agreements and maintains records of relevant information
  • Analyzes service records against agreed service levels regularly to identify actions required to maintain or improve levels of service, and initiates or reports these actions
  • Prioritizes and diagnoses incidents according to agreed procedures
  • Investigates causes of incidents and seeks resolution
  • Escalates unresolved incidents and follow up until incident is resolved
  • Fulltime
Read More
Arrow Right

Senior Security Engineer, GRC Automation

1Password is looking for a Senior Security Engineer – GRC to design and implemen...
Location
Location
United States; Canada
Salary
Salary:
156000.00 - 210000.00 USD; CAD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security engineering, DevSecOps, solutions engineering, or GRC automation roles
  • Proven experience working with GRC, compliance, or audit teams to build automation that supports evidence collection, control testing, or security monitoring
  • Direct experience implementing and integrating GRC platforms (e.g., Drata, Vanta, Tines, JupiterOne) into production environments
  • Strong scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools
  • Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems
  • Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations
Job Responsibility
Job Responsibility
  • Lead the implementation and integration of our GRC platform, ensuring it is fully operationalized across key systems and workflows
  • Build out automated workflows for control testing, evidence collection, and audit readiness
  • Develop and maintain integrations between the GRC platform and systems of record (e.g., ticketing systems, IAM, asset inventories, configuration management)
  • Design dashboards and reporting to track control health, trust signals, and audit performance
  • Collaborate with teams across Security, GRC, and Engineering to embed compliance into operational processes like employee onboarding, change management, and incident response
  • Shape the roadmap for automated, resilient internal assurance infrastructure that grows alongside the business
What we offer
What we offer
  • Health and wellbeing: Maternity and parental leave top-up programs
  • Competitive health benefits
  • Generous PTO policy
  • Growth and future: RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Community: Paid volunteer days
  • Peer-to-peer recognition through Bonusly
  • Remote-first work environment
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

As a Senior Security Engineer, you’ll shape the evolution of SafetyCulture’s clo...
Location
Location
Australia , Sydney; Melbourne
Salary
Salary:
Not provided
safetyculture.com Logo
SafetyCulture
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Versatile engineer whose domain is the AWS Cloud
  • Understand how to architect and secure AWS-based infrastructure
  • Strong coding experience in Golang, NodeJS, or Python
  • Security is foundational to how you build from vulnerability management and system hardening to security automation and architecture
  • Self-starter who can take projects from idea to completion
  • Thrive in collaborative, fast-paced environments
  • Bring curiosity, pragmatism, and a drive to make security scalable through elegant automation
Job Responsibility
Job Responsibility
  • Embed cloud security into CI/CD pipelines, developer tooling, and infrastructure-as-code practices
  • Identify and correct security misconfigurations across AWS accounts through automation and architecture improvements
  • Lead assessments of networks, systems, and applications
  • turning findings into action and measurable posture uplift
  • Build automated security controls, monitoring, and reporting systems (vulnerability management, logging, integrity, honeypots, etc.)
  • Mentor engineers and act as a trusted security partner across squads, influencing design and implementation decisions
  • Improve observability and detection across environments, ensuring rapid response and continuous assurance
  • Present security insights and outcomes across the engineering org and leadership teams
What we offer
What we offer
  • Equity with high growth potential, and a competitive salary
  • Flexible working arrangements
  • Access to professional and personal training and development opportunities
  • Hackathons, Workshops, Lunch & Learns
  • In-house Culinary Crew serving up daily breakfast, lunch and snacks
  • Wellbeing initiatives such as subsidised fitness programs, EAP services and generous parental leave policy
  • Quarterly celebrations and team events, including the annual Shiplt! global offsite
  • Table tennis, board games, gym sessions, book club, and pet-friendly offices
  • Fulltime
Read More
Arrow Right