Senior Security Engineer - Red Team

United States, Redmond · 119800.00 - 234700.00 USD / Year · Job Posted February 17, 2026

Job Description

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.

Are you excited about identifying and exploiting security vulnerabilities that impact hundreds of millions of users? Join the Microsoft Red Team (MRT) organization, where you will emulate real-world advanced persistent threats against Microsoft. Our mission is to ensure Microsoft is prepared to face and respond to even the most determined adversaries by exploring innovative ways to identify and prevent security flaws. MRT is currently seeking talented individuals focused on exploitation across a diverse set of Microsoft services. Your work will ensure the security and resilience of some of the largest and most complex services in the world, including Microsoft acquisitions, financial systems, physical facilities, and the core corporate network.

We are looking for a Senior Security Engineer to lead operations and collaborate with other experienced red teamers in identifying and exploiting vulnerabilities across all layers of services, including application, cloud, network, hardware, and operational security domains. You will work closely with developers and security personnel from multiple teams across Microsoft. Additionally, as a Senior Security Engineer in MRT, you will be responsible for fostering the team's growth both technically and culturally, as we build and retain the next generation of top talent at Microsoft.

By adopting the tactics, techniques, and procedures of potential attackers, you will provide critical insights that empower our security teams to strengthen defenses and protect against the evolving landscape of digital threats.

Job Responsibility

  • Discover and exploit vulnerabilities end-to-end in order to assess the security of services
  • Execute and lead Red Team operations using real world adversarial tactics and techniques to validate a production service's ability to detect, investigate, and respond
  • Advocate for security change across the company through building partnerships and clearly communicating impact of risks
  • Analyze a wide array of data sources to identify potential security weaknesses and breach points within Microsoft’s infrastructure
  • Prototype tools and techniques to scale and accelerate offensive emulation and vulnerability discovery
  • Collaborate with Blue Teams to improve readiness and produce solutions for defenders and customers
  • Analyze simulated adversary tactics and communications, enriching our defensive tactics and threat intelligence

Requirements

  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field
  • equivalent experience
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Nice to have

5+ years experience in any of the following: identifying security vulnerabilities, cyber security or related security discipline.

Similar Jobs for Senior Security Engineer - Red Team

8 matching positions

Senior AI Security Engineer

Senior AI Security Engineer role in Citi's Application, Platform and Engineering...
Location: United Kingdom, London
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises
  • State-of-the-art security engineering with Go, Python, JavaScript
  • HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials
  • Enterprise authentication & authorization - designing and implementing OAuth, JWT, RBAC, and complex identity systems
  • API security and threat modelling - securing REST/GraphQL APIs, conducting threat assessments
  • AI/ML security and vulnerability research - understanding of LLM vulnerabilities, model security, prompt injection attacks
  • Security automation and tooling – automating manual security processes
  • Cloud-native security - securing containerized applications in Kubernetes, service mesh security
  • Incident response and forensics - experience investigating, analyzing, and responding to security incidents
Job Responsibility
  • Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
  • Conduct ethical hacking and red team activities - penetration testing, vulnerability research, and attack simulation
  • Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
  • Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks
  • Lead 'shift left' security - Embed security practices throughout rapid development lifecycle while maintaining velocity
  • Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking
What we offer
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • Fulltime

Senior Product Security Engineer

Ready to make an impact on the security of products from the ground up? Join our...
Location: United States, Austin
Salary: Not provided
Company: Take-Two Interactive Software, Inc.
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines to ensure seamless and secure software delivery
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
  • Travel: No routine travel required; occasional travel as needed.
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks.
What we offer
  • Medical (HSA & FSA), dental, vision, 401(k) with company match, employee stock purchase plan, commuter benefits, in-house wellness program, broad learning & development opportunities, a charitable giving platform with company match
  • Fitness allowance, employee discount programs, discounted games & events and stocked pantries.
  • Fulltime

Senior Product Security Engineer

Join our Product Security team, where you'll partner with development and game t...
Location: United States, Las Vegas
Salary: Not provided
Company: Take-Two Interactive Software, Inc.
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime

Red Team Operations Manager

To lead, oversee, and quality assure the execution of Red Team engagements end-t...
Location: United Kingdom
Salary: Not provided
Company: Bugcrowd
Expiration Date: Until further notice
Requirements
  • Extensive experience leading and/or managing Red Team engagements in enterprise environments, preferably across multiple industries (e.g. finance, critical infrastructure, cloud / SaaS / OT)
  • Deep technical knowledge of exploitation, post-exploitation, lateral movement, persistence, command & control, evasion, privilege escalation
  • Good knowledge and experience with Blue Team controls e.g. IDS/IPS, SIEM, EDR, NGFW, log analysis, detection engineering, ideally experience in bypassing or evading them safely
  • Solid experience with modern cloud environments (Azure, AWS, GCP), hybrid / on-premise networks, potentially OT/IoT/industrial environments
  • Strong tradecraft / OpSec awareness around how to avoid detection and conduct operations with minimal operational risk
  • Familiarity with CREST / STAR / TIBER etc. and regulatory / compliance requirements in relevant geographies
  • Proven experience in threat intelligence ingestion, scenario design, mapping to relevant threat actors
  • Excellent written and verbal communication skills and able to produce high quality reports, executive summaries, interact with senior leadership, legal, compliance etc.
  • Good project / operations management skills with an eye for budgeting, scheduling, resource allocation, interfacing external/internal teams
  • Ability to make real-time decisions under pressure, to balance risk vs reward
Job Responsibility
  • Lead, oversee, and quality assure the execution of Red Team engagements end-to-end from scoping & planning, through execution, reporting, to debrief and capability development
  • Ensure that all operations are safe, legal, technically robust, aligned with threat intelligence, compliance frameworks, and deliver high value to customers
  • Act as a subject-matter expert and manager for both operations and sales / client-facing aspects of Red Team services
  • Lead multiple concurrent Red Team engagements across industries
  • Define, negotiate and document scope, objectives, rules of engagement, deliverables, constraints, escalation & approval pathways
  • Oversee milestone planning e.g. kick-offs, stand-ups, wash-ups, strategic debriefs
  • Manage resources e.g. operator assignments, tooling, support functions
  • Track engagement progress vs objectives, adjust as needed
  • Assess and manage technical risk ensuring that any red team activity minimises risk to customer operations, data, systems
  • Real-time decision making during operations around TTP deployment, bypass of defenses, managing detections or unexpected discovery

Red Team Operations Manager

To lead, oversee, and quality assure the execution of Red Team engagements end-t...
Location: Australia
Salary: Not provided
Company: Bugcrowd
Expiration Date: Until further notice
Requirements
  • Extensive experience leading and/or managing Red Team engagements in enterprise environments, preferably across multiple industries (e.g. finance, critical infrastructure, cloud / SaaS / OT)
  • Deep technical knowledge of exploitation, post-exploitation, lateral movement, persistence, command & control, evasion, privilege escalation
  • Good knowledge and experience with Blue Team controls e.g. IDS/IPS, SIEM, EDR, NGFW, log analysis, detection engineering, ideally experience in bypassing or evading them safely
  • Solid experience with modern cloud environments (Azure, AWS, GCP), hybrid / on-premise networks, potentially OT/IoT/industrial environments
  • Strong tradecraft / OpSec awareness around how to avoid detection and conduct operations with minimal operational risk
  • Familiarity with CREST / STAR / TIBER etc. and regulatory / compliance requirements in relevant geographies
  • Proven experience in threat intelligence ingestion, scenario design, mapping to relevant threat actors
  • Excellent written and verbal communication skills and able to produce high quality reports, executive summaries, interact with senior leadership, legal, compliance etc.
  • Good project / operations management skills with an eye for budgeting, scheduling, resource allocation, interfacing external/internal teams
  • Ability to make real-time decisions under pressure, to balance risk vs reward
Job Responsibility
  • Lead multiple concurrent Red Team engagements across industries
  • Define, negotiate and document scope, objectives, rules of engagement, deliverables, constraints, escalation & approval pathways
  • Oversee milestone planning e.g. kick-offs, stand-ups, wash-ups, strategic debriefs
  • Manage resources e.g. operator assignments, tooling, support functions
  • Track engagement progress vs objectives, adjust as needed
  • Assess and manage technical risk ensuring that any red team activity minimises risk to customer operations, data, systems
  • Real-time decision making during operations around TTP deployment, bypass of defenses, managing detections or unexpected discovery
  • Review and approve attack plans, threat modelling, intelligence
  • Ensure operators employ strong operational security (OpSec), safe tradecraft, evidence collection, clean up post-engagement
  • Maintain up-to-date knowledge of Red Team tools, adversary TTPs, defensive controls, detection systems

Senior Linux Engineer

FinXL by Randstad Digital focuses on accelerating client's digital transformatio...
Location: Australia, Parramatta
Salary: Not provided
Company: FinXL
Expiration Date: Until further notice
Requirements
  • Experience as a Senior Linux Engineer
  • Experience in L3-level RHEL versions 6, 7, 8, and 9 and/or Oracle Linux in a large enterprise
  • Experience in RHEL Satellite version 6 for managing a large fleet, including experience with the 'hammer' CLI
  • Experience in Ansible Automation (Red Hat Ansible, AAP), including writing and running complex playbooks for system automation
  • Experience in major-version Linux upgrades (LEAPP)
  • Experience in Core Infrastructure
  • Experience in VMware virtualisation
  • Experience with Microsoft AD integration
  • Experience in Java and JBoss
  • Experience designing, building, and maintaining the Linux Standard Operating Environment (SOE), including host and server build-outs
Job Responsibility
  • Join Our Team as a Senior Linux Engineer for critical infrastructure uplift and fleet management projects

Senior Penetration Tester

As a Penetration Tester, you'll conduct regular, comprehensive security assessme...
Location: Belgium, Brussels
Salary: Not provided
Company: Sopra Steria
Expiration Date: Until further notice
Requirements
  • Minimum of 5 years' experience in one or more of the following areas: Penetration Tester, Red/Purple Team Member, Security Engineer
  • Knowledge of technologies up to system level (web frameworks, communications protocols, database systems)
  • Offensive security knowledge of cyber-attack techniques, vulnerabilities, and mitigation strategies
  • Knowledge of penetration testing tools, frameworks, and methodology
  • Skills using Kali Linux, Nmap, PowerShell, Metasploit, Cobalt Strike, OWASP ZAP, Burp Suite
  • Proficiency in scripting
  • Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise
  • Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends
  • Cyber security qualifications from Offensive Security, SANS, Pentester Academy, CREST, eLearnSecurity or others
Job Responsibility
  • Scoping and executing complex penetration tests across a wide scope of technologies, products, services, applications, and critical infrastructure companies
  • Helping the team to define and improve the internal security testing programme
  • Documenting technical issues both Cyber and IT related during testing assessments
  • Improve our monitoring services by working in purple style exercises and operating in a red team capacity to improve the ability to detect and respond to threats
  • Supporting incident response by providing context and expertise around cyber threats
  • Mentor to our junior & medior colleagues
What we offer
  • Extensive career development opportunities, both local and international
  • Part of a dynamic network of 56,000 professionals at all stages of their careers
  • Wide array of offices to explore
  • Fulltime

Staff Offensive Security Engineer

At GEICO, we offer a rewarding career where your ambitions are met with endless ...
Location: United States, Chevy Chase; Palo Alto; Seattle
Salary: 115000.00 - 230000.00 USD / Year
Company: Geico
Expiration Date: Until further notice
Requirements
  • Mastery of vulnerability discovery and exploitation across applications, networks, and cloud using tools (e.g., Burp Suite, Metasploit), and custom scripts (Python, PowerShell)
  • Advanced understanding of OWASP, MITRE ATT&CK framework, software development lifecycle (SDLC), threat modeling, red/purple teaming, and attack path development
  • Hands-on experience with tools like Cobalt Strike, Mythic, BloodHound, and AutoSploit
  • Relevant professional security certifications (e.g. from GIAC or others)
  • Proven experience in achieving results efficiently through automation and establishing best practices
  • Proven track record to deliver business outcomes for meeting regulatory and compliance obligations
  • Ability to force multiply through coaching and mentorship to offensive security engineers across all functions (penetration testing, red teaming, purple teaming)
  • 8+ years in engineering focused role, preferably in the tech industry
  • 5+ years of experience in offensive security (penetration testing, red team, and purple team)
  • 5+ years of hands-on experience performing penetration-testing, red teaming, and purple teaming activities
Job Responsibility
  • Lead highly effective large-scale penetration testing initiatives
  • Participate in simulating real-world cyber-attacks (red teaming), and collaborating with defensive security teams (purple teaming)
  • Conduct tactical security penetration test assessments to validate the security of company applications (web, mobile, APIs, and AI products) against OWASP Top 10 threats and work with the Application Security team to provide feedback and recommendations to increase automated capabilities
  • Ensure penetration testing activities are meeting security, business, and compliance objectives and outcomes
  • Design and execute advanced threat emulation scenarios, including physical, social, and digital attack vectors
  • Collaborate with Blue Teams, Threat Intelligence, and Risk Management to ensure comprehensive attack coverage and feedback loops
  • Ensure operations align with industry regulations and compliance standards such as NIST, PCI DSS, and NYDFS
  • Champion continuous improvement and innovation in penetration testing, adversary simulation techniques, tools, and methodologies
What we offer
  • Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
  • Financial benefits including market-competitive compensation; a 401K savings plan vested from day one that offers a 6% match; performance and recognition-based incentives; and tuition assistance
  • Access to additional benefits like mental healthcare as well as fertility and adoption assistance
  • Supports flexibility: we provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year
  • Fulltime