Home
/
Comprehensive
/
Principal Security Engineer
Principal Security Engineer-March 2024
Redmond
Mar 28, 2026
About Principal Security Engineer

  Microsoft Security’s, Digital Security & Resilience (DSR) is looking for a Principal Security Engineer to help us build out the most ambitious and advanced static analysis solution in the world, empowering us to centrally search across all of Microsoft’s code for security vulnerabilities, malicious code, and other security interesting patterns.

  In this role you will contribute to CodeQL’s security ruleset to proactively identify vulnerabilities across Microsoft’s products and services, research new vulnerability patterns, collaborate with Microsoft Security Response Center (MSRC) to rapidly assess billions of lines of code for newly reported vulnerability variants and classes. You will also have the opportunity to research new uses for static analysis, such as back door/malicious code detection and automatic generation of fuzzing test harnesses that will broaden impact and fuel other research. Join us today to leverage your understanding of various programming languages for immense impact both within Microsoft and across the broader software ecosystem.

  Responsibilities

  • Develop new detections for security vulnerabilities in QL, the language powering CodeQL

  • Research new security vulnerability patterns, and support MSRC when new patterns are reported to them

  • Research and implement novel uses of Static Analysis, and help shape the feature development in CodeQL

  • Collaborate with other areas of subject matter expertise such as Responsible AI, Privacy, and Accessibility, to aid them in similarly empowering developers with high quality analysis for their areas.

  • The team is primarily US based, though collaborates with the core CodeQL product team primarily based in Western Europe. The position can be fully remote, however the candidate is expected to have a workday that overlaps with the morning and early afternoon Pacific time.

  Qualifications

  Required Qualifications

  7+ years experience in software development lifecycle, large scale computing, modeling, cyber security, anomaly detectiono OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field

  o OR equivalent experience.

  5+ years experience with security vulnerability patterns

  5+ years experience with C/C++ 1+ years of experience with Rust, C#, JavaScript/TypeScript, Java, Kotlin, Python, Go, Swift, or Ruby

  Other Requirements

  Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

  Microsoft Cloud Background Check. This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

  Preferred Qualifications

  Experience with static analysis, symbolic execution, or comparable code analysis technologies.

  Familiarity with CodeQL is great (you are going to be working with it a lot, so highly recommend spending some time playing with it to see if that's what you want for your career)

  Experience authoring detections for static analyzers or Linters

  Experience training or mentoring others

  Experience researching security vulnerability patterns

  Security Assurance IC5 - The typical base pay range for this role across the U.S. is USD $133,600 - $256,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $173,200 - $282,200 per year.

  Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay (https://careers.microsoft.com/v2/global/en/us-corporate-pay.html)

  #MSFTSecurity

  #DSR

  #CodeQL

  #SecurityAnalysis

  #StaticAnalysis

  Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .

Comments
Welcome to zdrecruit comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
SIMILAR JOBS
Store Associate
Bring your heart to CVS Health. Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced
First Cook
Job Number 24012587 Job Category Food and Beverage & Culinary Location Marriott Mena House Cairo, 6 Pyramids Road, Cairo, Egypt, Egypt Schedule Full-Time Located Remotely? N Relocation? N Positio
Oracle NetSuite - Account Executive - High-tech Central - Mid-market
Job Description About Oracle NetSuite Do you want to advance your career with the world’s first cloud company? Since 1998, Oracle NetSuite has been on a mission to deliver an agile, unified applicati
Senior Medical Science Liaison - Gastroenterology / Immunology - NJ, MD, VT & NY (Upstate)
By clicking the “Apply” button, I understand that my employment application process with Takeda will commence and that the information I provide in my application will be processed in line with Taked
PROGRAM SUPERVISOR - ROAD & BRIDGE
DEADLINE TO APPLY: FEBRUARY 2, 2024 MINIMUM SALARY: $44,346.00 (possibly higher depending on experience) Role and Responsibilities This is responsible supervisory work in directing the operation of t
Occupational Therapist (Mental Health)
Summary This position serves as an Occupational Therapist within the Behavioral Health Inpatient Care Unit (BHICU), under the Mental Health Product Line (MHPL) at VA Northern California Health Care S
Associate Director, U.S. Oncology Marketing Scientific Strategy Women's Cancers (Alliances)
Job Description Our Company's Oncology Marketing team is passionate about bringing our medicines and vaccines to our customers around the world. Our Company and the alliance company entered into a st
Exercise Physiologist - Non-Invasive Cardiology
When you join the growing BILH team, you're not just taking a job, you’re making a difference in people’s lives. Job Type: Regular Scheduled Hours: 32 Work Shift: Day (United States of America) EXERC
Principal Member of Technical Staff
Job Description The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-ten
Store Manager
Who we are: IT’SUGAR was founded to create an environment that fosters the greatest feeling of happiness and humor; that allows you to smile and laugh out loud without judgement. Expanding rapidly, w
OTHERS JOBS
About
Terms and Conditions Privacy policy Cookie Settings Contact Us
Services
Login register
zdrecruit Project Management Advertising and Marketing Education Sales
Links
zpostcode Recruit weather mreligion Yellowpages sport constellation shopping name game directory literature Word tour furnish Lottery tftnews lyrics News digital car dir Edu Finance
Copyright 2023-2026 - www.zdrecruit.com All Rights Reserved