Principal Security Software Engineer

Microsoft, Redmond, WA

About The Position

As a Security Software Engineer on the Copilot Security Team, you will serve as a Principal-level technical leader responsible for designing, building, and governing security‑critical software systems that protect Microsoft’s agentic and autonomous AI experiences at scale. You will operate across the full Copilot security lifecycle (threat discovery → architectural design → mitigation engineering → production integration → continuous validation), delivering durable, reusable security defenses rather than one‑off fixes. This role combines deep hands‑on engineering with system‑level security thinking, enabling the team’s mission to deliver secure‑by‑design architecture for Copilot across products and integrations. Success in this role is judged by measurable risk reduction, improved platform resilience, and the long‑term sustainability of Copilot’s security posture, not by isolated vulnerability closures.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Requirements

  • Bachelor's Degree in Computer Science or related technical field AND 8+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python OR equivalent experience.
  • Experience serving as a technical lead or architectural reviewer for security‑sensitive systems across multiple services or teams.
  • Experience conducting vulnerability research, red teaming, or adversarial testing, including identifying novel or emerging attack classes.
  • Experience participating in or leading incident response, post‑incident analysis, and translating incidents into durable, reusable security improvements.
  • Experience designing reusable, platform‑level security solutions that eliminate classes of vulnerabilities rather than one‑off fixes.
  • Experience establishing or operating risk management frameworks, including maintaining risk registries, defining mitigation priorities, and tracking measurable risk reduction.
  • Experience building or operating security metrics, dashboards, or evaluation pipelines that demonstrate real‑world security impact.
  • Experience mentoring senior engineers through design reviews, threat‑model coaching, or architectural guidance.
  • Experience securing AI‑driven, agentic, or tool‑invoking systems, including prompt‑based architectures or orchestration layers.
  • Experience communicating security architecture decisions and tradeoffs to engineering leadership, PM/TPM, and executive stakeholders.
  • Ability to operate effectively in highly ambiguous, fast‑evolving security environments, particularly those involving autonomous or generative AI systems.
  • Willingness to engage deeply across organizational boundaries to drive durable security outcomes.
  • Work‑site requirements vary by location and follow organizational guidance.
  • This role may involve working with sensitive or confidential AI model data in accordance with Microsoft Responsible AI and Security policies.
  • Experience designing, building, and operating security‑critical software systems in production, including responsibility for correctness, availability, performance, and long‑term maintainability.
  • Experience leading threat modeling efforts for complex, distributed systems and driving mitigations from design through production deployment.
  • Experience identifying, analyzing, and remediating security vulnerabilities in collaboration with security response, red team, or incident response partners.
  • Experience building or contributing to security defenses such as enforcement layers, guardrails, detection, monitoring, or evaluation tooling in production environments.
  • Experience working with distributed systems, including service‑to‑service communication, identity, authorization, telemetry, and failure isolation.
  • Ability to meet Microsoft, customer, and/or government security screening requirements.

Nice To Haves

  • Master's Degree in Computer Science or related technical field AND 12+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR Bachelor's Degree in Computer Science or related technical field AND 15+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR equivalent experience.

Responsibilities

  • Act as a technical authority for security engineering decisions across Copilot services, shared platforms, and integrations.
  • Lead threat modeling for complex, distributed, and agentic systems, identifying systemic risks rather than isolated flaws.
  • Drive vulnerability research, exploit analysis, and red‑team collaboration to surface novel and emerging attack classes.
  • Participate in and lead aspects of incident response, post‑incident analysis, and translation of incidents into durable mitigations.
  • Design and ship security defenses in production, including enforcement layers, guardrails, monitoring, detection, and evaluation tooling.
  • Build reusable security modules and services that can be adopted broadly across Copilot components (BizChat, Office Apps and agents).
  • Define and review security architecture patterns, influencing both new feature design and remediation of legacy systems when incremental fixes are insufficient.
  • Establish and operate risk management frameworks, including maintaining and prioritizing entries in a central risk registry.
  • Translate threats into measurable security requirements, metrics, and dashboards that demonstrate real‑world risk reduction.
  • Drive continuous validation through telemetry, monitoring, and evaluation pipelines, closing the loop from discovery to evidence.
  • Partner deeply with adversarial testing, applied science and evaluation, and embedded engineering squads to deliver end‑to‑end security outcomes.
  • Mentor senior and mid-level engineers through design reviews, threat‑model coaching, and architectural guidance.
  • Communicate complex security tradeoffs clearly to engineering leadership, PM/TPM, and executive stakeholders.