Microsoft Corporation Security Engineer in Prague, Czech Republic
The Product Security (ProdSec) Team is responsible for overseeing the security of all the software features developed for Skype, Skype for Business, Microsoft Teams and the GroupMe products. These communication tools are offered in both consumer and enterprise markets and are available across all leading desktop and mobile platforms.
As a member of ProdSec you will provide input and oversight to help build robust and secure solutions that scale to the needs of hundreds of millions of users that depend on these products daily. ProdSec engages with business units helping contribute to designs, review product feature implementation plans, understand cloud environment usage and even help shape test or deployment strategies so that products are created as part of a secure development lifecycle (SDL).
Microsoft is seeking a self-motivated and dynamic individual to be part of ProdSec to engage with teams to promote security awareness, encourage a defensive mindset, influence their processes and priorities and provide expert security guidance.
Work in an agile development environment and partner with engineering and product teams to ensure that new product feature development adheres to security best practices
Conduct regular security reviews of both software and processes; conduct periodic code reviews and educate the engineering teams on best practices for writing secure code
Review and create threat models; promote security training and awareness in the organization
Coordinate remediation of any application security weaknesses uncovered
Evaluate and promote the use of automation tools to assist manual reviews in identifying issues
Conduct penetration testing or interact with penetration testers and other external vendors to validate that security controls work as expected
Full understanding of web stack, web security and common vulnerabilities
Development skills to facilitate code reviews or tool development
Domain expert in security with respect to web development and enterprise app development
Good understanding of cloud technologies
Basic penetration testing skills
Experience with automation tools and deployments
Excellent verbal and written communication skills
Leadership qualities including the ability to work effectively with cross-functional teams and able to consider diverse opinions
A working knowledge of Agile Development methodology
Understanding of SDL and mobile experience is a plus
BS or MS degree in Computer Science or Engineering OR equivalent years of relevant work experience
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations, and ordinances.
If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to firstname.lastname@example.org.