CrawlJobs Logo

Senior Security Engineer - Red Team

United States, Redmond 119800.00 - 234700.00 USD / Year · Job Posted February 17, 2026
Apply Position
Job Link Share

Job Description

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world. Are you excited about identifying and exploiting security vulnerabilities that impact hundreds of millions of users? Join the Microsoft Red Team (MRT) organization, where you will emulate real-world advanced persistent threats against Microsoft. Our mission is to ensure Microsoft is prepared to face and respond to even the most determined adversaries by exploring innovative ways to identify and prevent security flaws. MRT is currently seeking talented individuals focused on exploitation across a diverse set of Microsoft services. Your work will ensure the security and resilience of some of the world's largest and most complex services in the world, including Microsoft acquisitions, financial systems, physical facilities, and the core corporate network. We are looking for a Senior Security Engineer to lead operations and collaborate with other experienced red teamers in identifying and exploiting vulnerabilities across all layers of services, including application, cloud, network, hardware, and operational security domains. You will work closely with developers and security personnel from multiple teams across Microsoft. Additionally, as a Senior Security Engineer in MRT, you will be responsible for fostering the team's growth both technically and culturally, as we build and retain the next generation of top talent at Microsoft. By adopting the tactics, techniques, and procedures of potential attackers, you will provide critical insights that empower our security teams to strengthen defenses and protect against the evolving landscape of digital threats.

Job Responsibility

  • Discover and exploit vulnerabilities end-to-end in order to assess the security of services
  • Execute and lead Red Team operations using real world adversarial tactics and techniques to validate a production service's ability to detect, investigate, and respond
  • Advocate for security change across the company through building partnerships and clearly communicating impact of risks
  • Analyze a wide array of data sources to identify potential security weaknesses and breach points within Microsoft’s infrastructure
  • Prototype tools and techniques to scale and accelerate offensive emulation and vulnerability discovery
  • Collaborate with Blue Teams to improve readiness and produce solutions for defenders and customers
  • Analyze simulated adversary tactics and communications, enriching our defensive tactics and threat intelligence

Requirements

  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field
  • equivalent experience
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Nice to have

5+ years experience in any of the following: identifying security vulnerabilities, cyber security or related security discipline.

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Security Engineer - Red Team

8 matching positions

Senior Security Engineer (Red Team Specialist)

We are seeking a highly skilled and experienced Senior Security Engineer Penetra...
Location
Location
Indonesia , Jakarta
Salary
Salary:
Not provided
Flip
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field
  • Relevant certifications such as OSCP, OSCE, GPEN, or GXPN are highly desirable
  • Minimum of 5 years of hands-on experience in penetration testing (mobile applications {Android and iOS}, web applications, and API), red teaming, or ethical hacking, with a proven track record of identifying and exploiting vulnerabilities
  • Demonstrate a strong grasp of end-to-end SDLC, DevSecOps, and application development for web and mobile applications
  • Expertise in using various security testing tools and frameworks (e.g., Metasploit, Burp Suite, Nmap, etc.) and manual techniques to conduct thorough security assessments
  • Proficiency in programming and scripting languages (e.g., Python, Go, Shell Script) to develop custom tools and automation scripts
  • Strong understanding of network protocols, operating systems, and common security technologies (SIEM, XDR/EDR, firewalls, IDS/IPS, WAFs, etc.)
  • In-depth knowledge of cybersecurity principles, attack vectors, and defense strategies. Familiarity with threat intelligence and risk assessment methodologies, OWASP, Cloud Security best practices
  • Excellent analytical and problem-solving abilities, with a proactive approach to identifying and mitigating security risks
  • Effective verbal and written communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Lead and conduct penetration testing and red teaming activities against our organization's networks, applications, and physical security
  • Perform comprehensive security assessments to identify vulnerabilities and potential weaknesses
  • Develop realistic attack scenarios based on current threat intelligence and industry best practices
  • Simulate sophisticated attack techniques to identify gaps in our security controls and defenses
  • Conduct in-depth vulnerability assessments and risk analyses, utilizing various security testing tools and manual techniques
  • Provide detailed reports outlining identified vulnerabilities and recommended remediation actions
  • Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and attack techniques
  • Continuously monitor emerging trends and industry developments to inform our security strategies
  • Collaborate with the security team and other stakeholders to review and improve our organization's security architecture, ensuring it aligns with industry standards and best practices
  • Assist the incident response team in handling cybersecurity incidents, performing forensic investigations, and providing expertise on the adversary's techniques and tactics
  • Fulltime
Read More
Arrow Right

Senior Staff Red Team Engineer

Our Information Security organization is seeking a Senior Staff Red Team Enginee...
Location
Location
United States , Burbank
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience leading covert Red Team operations
  • Experience with developing custom tools and payloads which bypass defensive products, and remain undetected in a mature network environment
  • Must have the ability to perform targeted attacks with or without the use of automated tools
  • Expertise in adversarial TTPs
  • Experience performing adversarial simulation
  • Experience in conducting surreptitious on-premise and cloud based attacks
  • Excellent written and verbal communication skills
  • Ability to establish priorities, work independently and proceed with objectives
  • Must be well organized and able to leverage best practices, able to thrive in fast-paced environment, and, most importantly, have the ability to approach problems with an innovative, can-do attitude
Job Responsibility
Job Responsibility
  • Lead end-to-end Red Team operations to highlight gaps impacting enterprise security posture and readiness
  • Develop payloads and attack tools which bypass security controls for use in covert operations
  • Simulate real-world attacks that are relevant to the business
  • Leverage bleeding edge AI research to enhance offensive security capabilities
  • Deliver detailed reports of technical findings to stakeholders and assist with the development of mitigation plans
  • Deliver executive technical out briefs to leadership across the organization
  • Assist with security investigations, root-cause analysis and corrective measures as required
What we offer
What we offer
  • Restricted stock units
  • Bonus
  • Employee benefits (see link in offer)
  • Fulltime
Read More
Arrow Right

Senior Security Engineer, Security Operations

The senior security engineer role provides a unique opportunity to shape the sec...
Location
Location
United States , REMOTE; SAN FRANCISCO; ROSEVILLE; LEHI; WEST PALM BEACH; IRVINE
Salary
Salary:
146000.00 - 170000.00 USD / Year
goodleap.com Logo
GoodLeap
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences
  • Expertise in security event management, monitoring, threat hunting, incident response, playbook creation, orchestration/automations
  • Experience with threat modeling methodologies
  • Expertise with EDR solutions/platforms, such as CrowdStrike, S1, Palo Alto Cortex EDR
  • Experience with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus)
  • Proven ability to establish credibility and build trust with business, engineers, and operational staff
  • Experience designing, configuring, and implementing security and fraud monitoring for core enterprise systems, e.g., ERP, HCM, Salesforce
  • Experience working with and creating solutions based AI and ML toolsets – e.g., creation of AI skills, agents, MCP clients, vibe coding
  • Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases
  • Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK
Job Responsibility
Job Responsibility
  • Lead, participate in, and contribute to security and fraud monitoring, detection, and response activities, inclusive of investigations, threat hunting,etc. Create playbooks for specific incident response scenarios
  • Identify potential misuse and abuse cases in enterprise systems, propose solutions to detect these scenarios, and identify and implement monitoring and detection solutions for such scenarios
  • Support or develop components of the security analytics platform
  • Support embedded (product) security team
  • Support general security operations team with vulnerability management, tools management, and more
What we offer
What we offer
  • bonus
  • equity
  • Fulltime
Read More
Arrow Right

Senior Security Engineer - AI Products & Platforms

We are Citi's Application, Platform and Engineering team, a start-up with the ex...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bring your deep-dive application security engineering expertise from building production systems
  • Thrive in a results-driven environment, where flexibility fuels impact
  • Be a game-changer, ready to step beyond your designated role
  • Love the synergy of pair programming? So do we!
  • Seize the opportunity to secure AI applications at scale. Jump in!
  • A relentless passion to learn more about AI security, LLM attacks, and bringing your knowledge to shape Citi's secure AI future
  • Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises, and thinking like an attacker to strengthen defenses
  • State-of-the-art security engineering with Go, Python, JavaScript - you build both security tools and secure production systems in fast-paced environments
  • HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials, and extending Vault functionality for enterprise-scale secrets management
Job Responsibility
Job Responsibility
  • Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
  • Ethical hacking and red team activities - Conduct penetration testing, vulnerability research, and attack simulation to make our products bulletproof
  • Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
  • Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks through hands-on testing
  • Lead "shift left" security - Embed security practices throughout our rapid development lifecycle while maintaining velocity
  • Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • A discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • hybrid working model (up to 2 days working at home per week)
  • business casual workplace
  • Fulltime
Read More
Arrow Right

AI and ML Security Engineer, Senior

Location
Location
United States , Fort Meade
Salary
Salary:
99000.00 - 225000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with Python for building automated red-team tests or evaluations
  • Experience with Linux and containerized environments, such as Docker or Docker Compose, to operate model‑testing or red‑team tooling
  • Experience with red-team methodologies, including stress‑testing, structured prompts, failure‑mode discovery, vulnerability identification, or behavior scoring
  • Experience with AI or ML evaluation or security testing
  • Ability to analyze ML or LLM outputs, identify misbehavior or data leakage patterns, and document findings clearly
  • Ability to synthesize technical evidence with intelligence context and communicate risk to both technical and non‑technical audiences
  • TS/SCI clearance with a polygraph
  • Bachelor's degree and 3+ years of experience with AI or ML, or 6+ years of experience with AI or ML in lieu of a degree
Job Responsibility
Job Responsibility
  • train, test, deploy, and maintain models that learn from data
  • own and define the direction of mission-critical solutions by applying best-fit ML algorithms and technologies
  • collaborate with network analysts to deliver world class solutions to conduct red team evaluations of machine learning systems, including LLMs
  • use intelligence analysis to evaluate exploitation risks and operational impacts
What we offer
What we offer
  • health, life, disability, financial, and retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

As a Senior Security Engineer at Bitwarden, you will be responsible for conducti...
Location
Location
United States
Salary
Salary:
140000.00 - 180000.00 USD / Year
bitwarden.com Logo
Bitwarden
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with Penetration Testing Tools, such as Burp Suite, NMAP, Nessus, Metasploit, Kali Linux, SQLMap, Owasp ZAP, and manual testing tools
  • In-depth knowledge of leading vulnerability management tools and strategies
  • In-depth understanding and usage of application security testing technologies is a plus
  • Understanding of authentication concepts, including OpenIDConnect, SAML, OAuth, and SSO flows
  • Strong working knowledge of vulnerability management tools, data and network security technologies
  • Collaborative and adaptable mindset
  • Openness and authenticity combined with excellent communication skills
  • Excitement and enthusiasm for open source and for better internet security
  • Excellent problem-solving skills
  • Ability to maintain discretion, handle sensitive information, and maintain security best-practices
Job Responsibility
Job Responsibility
  • Research emerging threats across the surface web, dark web, and deep web
  • Build threat models, conduct threat hunts, and plan and execute purple team engagements
  • Coordinate internal red team testing operations that emulate a threat actor
  • Collaborate with application development teams, platform engineers, and Security Operations Center (SOC) engineers to improve our offensive and defensive security controls
  • Contribute to vulnerability testing and analysis as well as incident response and analysis
  • Include testing for web, mobile, CLI, and desktop application security issues across our multi-product portfolio, including Bitwarden Password Manager, Secrets Manager, and Passwordless.dev, our APIs, serverless functions, and database
  • Participate in code reviews, learning and spreading technical knowledge about security posture
  • Contribute to resolutions for security-related issues
  • Coordinate technical validation and leadership review of purple team reports detailing testing results and potential areas of improvement
  • Conduct internal penetration tests on systems and networks to determine realistic threat vectors
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

Come be a part of an exciting and ever-changing program that provides a comprehe...
Location
Location
United States , Columbia, Maryland
Salary
Salary:
155000.00 - 170000.00 USD / Year
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of progressive experience designing, engineering, and securing enterprise‑scale IT systems across complex network environments
  • Expert‑level knowledge in architecting, deploying, and maintaining security infrastructure, including endpoint protection, vulnerability management, configuration management, and enterprise hardening solutions
  • Demonstrated experience leading security engineering initiatives, including implementing advanced security controls, designing secure configurations, and overseeing patch and update strategies for Linux and Windows environments
  • Extensive hands‑on experience with enterprise security tools, such as Ivanti, WSUS, Trellix, Tenable, or equivalent platforms, including tool integration, optimization, and lifecycle management
  • Strong understanding of security frameworks and compliance requirements, such as NIST RMF, NIST 800‑53, STIGs, or equivalent federal/DoD standards
  • Demonstrated ability to lead complex troubleshooting efforts, perform root‑cause analysis, and drive long‑term remediation strategies across enterprise systems
  • Experience mentoring junior engineers, providing technical leadership, and contributing to team capability development
  • Required IAT/Management‑level certification: one or more of the following — CASP+, CISSP, or equivalent senior‑level certification
  • Required vendor certification in one or more relevant technologies (e.g., Microsoft, VMware, Cisco, NetApp, Pure Storage, HP, Dell, Linux+, Red Hat, HBSS, ACAS). Candidates without an active certification must obtain at least one within 6 months of hire
  • TS/SCI clearance required
Job Responsibility
Job Responsibility
  • Architect, implement, and maintain enterprise security controls and infrastructure components across Windows, Linux, and virtualized environments
  • Lead the design, deployment, configuration, and lifecycle management of endpoint hardening and security tools (e.g., Ivanti, WSUS, Trellix, Tenable)
  • Oversee patch management processes, including OS updates, third‑party software updates, and administrative tool upgrades
  • Provide expert‑level troubleshooting, root‑cause analysis, and performance optimization for complex security and infrastructure issues
  • Evaluate, recommend, and lead the adoption of new security tools, technologies, and methodologies
  • Develop and maintain security documentation, including SSPs, RMF artifacts, engineering diagrams, and operational procedures
  • Design and implement security requirements within enterprise business processes and technical architectures
  • Support vulnerability assessments, interpret results, and develop risk‑based mitigation strategies
  • Conduct system hardening, configuration baselining, and compliance scanning to ensure adherence to security standards
  • Support and guide incident response activities, including forensic analysis and containment strategies
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

As a Senior Security Engineer on the Application Security team at OutSystems, yo...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
outsystems.com Logo
OutSystems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in application security within modern, cloud-native environments
  • Strong foundation in AppSec fundamentals, including secure design, threat modeling, vulnerability triage, and remediation
  • Ability to independently deliver moderately complex security work end to end
  • Comfortable working across application, cloud, and platform security within a defined scope
  • Ability to write, understand, and review code, including building security automation and validating AI- or low-code-generated solutions
  • Hands-on experience with AWS (required), Kubernetes, and microservices
  • Clear understanding of penetration testing, red teaming, and purple teaming, and when to apply each
Job Responsibility
Job Responsibility
  • Independently drive security work across all phases of the SDLC, from early design and threat modeling through implementation, testing, and release
  • Own delivery of moderately complex security projects or features, adjusting standard approaches as needed to achieve the intended outcome
  • Partner with engineering and platform teams to secure AI-powered and agentic capabilities, ensuring security considerations are built in early rather than bolted on later
  • Conduct focused security assessments of applications, APIs, internal services, and platform components using the appropriate depth and methodology for the risk
  • Contribute to the development and adoption of secure-by-default patterns, guardrails, and paved roads that scale security without increasing friction
  • Operate and improve security tooling by tuning signal quality, reducing noise, and identifying opportunities to improve effectiveness
  • Build or extend security tooling and automation to eliminate manual or repetitive work
  • Clearly communicate risks, tradeoffs, and recommendations to engineering partners in a way that supports informed decision-making
  • Proactively identify gaps or inefficiencies in security processes and suggest practical improvements aligned with team goals
  • Mentor junior engineers and new hires, helping them ramp up effectively and understand how Product Security operates at OutSystems
What we offer
What we offer
  • A company that is always growing, changing, and innovating
  • Real career opportunities
  • Work colleagues that are as smart, hard-working, and driven as you
  • Disrupting the status quo is in our DNA
  • We ask “why” a lot
  • Inclusive culture of diversity
  • Fulltime
Read More
Arrow Right