Responsibilities:
The Azure Networking Security Research team is responsible for improving the security posture of Azure 1st party services and architecture, spanning across Host, WAN, SDN (software-defined networks) and network services, used by billions of customers in homes, businesses, and across Azure. This team performs security design reviews, code reviews, and hands-on offensive research/operations on key networking services to make sure they meet the highest security standards possible.
In this role, you will be part of an offensive research team tasked with helping our engineers ship the most secure product possible. The ideal candidate will have rich and diverse hands-on experience of exploiting, great capabilities to dive and understand code, a deep understanding of networking fundamentals and cloud architecture, an offensive mindset, and a passion for keeping our customers safe.
In other words, you will:
Identify security vulnerabilities in a wide variety of key networking services, protocols, and architecture, all comprising the Azure network.
Improving the security of Azure services and contributing to services that are in use by millions of users over the world.
Develop capabilities to detect security issues and vulnerabilities in scale.
Collaborate with other security and product teams to improve security.
Produce high-quality papers, presentations, and recommendations to improve Azure security.
Required Qualifications:
2+ years of hands-on experience in security research with offensive mindset.
2+ years of In depth understanding of cloud or OS attacks, threat modelling complex systems, vulnerability discovery.
2+ years of experience of hands-on exploiting bugs and bypassing security mitigations and with offensive mindset of either Linux, Windows or embedded security.
2+ years of development, experience with multiple different languages including Python/C#/Golang.
Other Requirements:
Our Cloud Background Check: This position will be required to pass the Cloud Background Check upon hire/transfer and every two years thereafter.
Preferred Qualifications:
Familiar with industrial Red Team techniques.
Familiarity with cloud architecture.
Familiarity with security research on cloud environments.
System design knowledge.
Outstanding team player with cross-group collaboration skills and communication skills.
