This job ad has been posted over 30 days ago...



Application Security Engineer Role Full-time

at Microsoft in Hyderabad (Published at 30-12-2015)

Do you like hacking?

Does finding security flaws in design and implementation of applications and platforms excite you?

Do you regard yourselves as an out-of-the-box thinker?

If yes, then we are looking for you to join us as a Security Consultant/Analyst in the ISRM India ACE team!

The Assessments Consulting & Engineering (ACE) team is part of Microsoft IT Information Security & Risk Management (ISRM) organization and focuses on security assessments of applications, systems and infrastructure. We deliver security consulting and advisory services to Microsoft’s internal businesses and to external customers/partner organizations (via security design reviews, code reviews, penetration testing and privacy assessments) with the goal to ensure that applications, systems and infrastructure adhere to the highest standards of security engineering, are compliant with security policy and protect corporate business data and intellectual property in a risk-optimized manner.

Security Engineer Responsibilities:

As a consultant in ACE, you will be expected to work closely with IT business process units to assist them in optimizing IT security related risks via technical assessments and remediation recommendations for failed controls. In this role you will also be expected to serve as the security champion/trusted advisor for one or more business process units. You will engage with businesses in all of the different lifecycle stages of applications/solutions — starting from early conception all the way through requirements definition, design, implementation, testing, staging and operations stages.

You will also work on external consulting projects for Microsoft’s top-ranked customers and partners providing a gamut of security consulting services such as design reviews, threat modeling, security maturity assessments, code reviews, infrastructure assessments, etc. (The external consulting projects will require travel for on-site service delivery.)

Working with ACE will give you the opportunity to hone your security knowledge and consulting skills alongside some of the best security consultants in the world! It will tremendously improve your technical understanding of information security across a variety of platforms and broaden your perspective of security requirements for scenarios and solutions in various industries in today’s “mobile first, cloud first” era. It will also give you a well-rounded exposure to IT security in the enterprise (via an improved understanding of Governance, Risk & Compliance (GRC), Security Operations, Security Tools, Privacy, Security Infrastructure Assessments, Security Maturity Assessments, etc.).

Education & Experience:

A bachelor’s degree in Computer Science/Engineering is required.

3-5 years of work experience in Software Development with strong knowledge of secure software development processes and techniques…specifically the following:

  • Strong understanding of what it takes to build secure applications and secure systems on a mainstream platform (ideally Microsoft.Net)
  • Solid foundation of common software vulnerabilities and their mitigation techniques
  • Good knowledge of cryptography – especially the ability to use of primitives in a design situation
  • Working knowledge of security tools such as Fortify, Nessus, Qualys, etc.
  • Knowledge of these is a bonus – Application development on Windows Azure, Office 365, etc.
  • Experience as a software tester is a bonus

Note: Applications have been closed.

Recent jobs at Microsoft

Viewed: 2064 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend