The Trust and Integrity Protection (TrIP) team supports the company’s overall security and privacy mission by providing key security services that help protect systems, services, data.Are you passionate about identifying security vulnerabilities and risks in enterprise-scale systems with specific focus on Artificial Intelligence? Do you want the challenge of conducting penetration tests against some of the world’s most cutting-edge technology implementations? Are you a red teamer and interested in Artificial intelligence (AI) and excited about technology like GPT4? Do you want to find and exploit security vulnerabilities in Microsoft’s largest AI systems impacting millions of users?The TrIP Offensive Cyber Security Team is an interdisciplinary group of internal penetration testing and offensive security team, tasked with identifying security flaws across the entire Microsoft Customer and Partner Solutions (MCAPS) technology estate.We are looking for a AI Penetration Tester Team Lead - Offensive Cybersecurity Team to help make AI security better.Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.Responsibilities
Drive divisional long-term security objectives and strategies, tailored to the unique risks of a global sales, consulting, and support division, and translate them into practical execution plans.
Lead and Motivate Team Members: Inspire and guide the team to meet set objectives and ensure high performance. This includes providing the necessary support (mentoring) to achieve objectives and goals.
Develop and Implement Strategies: Create and execute strategies that the team will use to reach its goals. This involves planning and organizing tasks effectively.
Provide Training and Development: Identify training needs and provide opportunities for team members to enhance their skills to ensure the team is well-equipped to handle the challenges of AI penetration testing.
Facilitate Communication and Collaboration: Ensure open communication within the team and with other teams and stakeholders.
Monitor Operations: Regularly assess the operational performance of the overall team. Provide feedback and make necessary adjustments to improve efficiency and effectiveness.
Lead team missions and efforts to discover and exploit vulnerabilities in AI systems to assess their security.
Provide leadership support of offensive operations on production AI systems using real-world adversarial tactics to identify failures.
Develop and enhance tools and techniques to scale and accelerate offensive emulation and vulnerability discovery for AI systems.
Collaborate with various teams to influence the measurement and mitigation of vulnerabilities in AI systems.
Conduct research on new and emerging threats to inform the organization, including prompt injection, and improve penetration testing efficacy and accuracy.
Stay current with penetration testing tools, methodologies, tactics, and mitigations through continuous research.
Develop, operationalize, and maintain penetration testing procedures and methodologies.
Produce high-quality papers, presentations, and recommendations for key stakeholders.
Collaborate with other Offensive Security personnel at Microsoft to leverage the latest trends and identify opportunities for attack.
Lead the discovery of problems and identification of vulnerabilities in Generative AI and AI systems.
Embody our culture (https://careers.microsoft.com/v2/global/en/culture) and values (https://www.microsoft.com/en-us/about) .
QualificationsRequired Qualifications
Bachelor's Degree in Computer Science, or related technical discipline AND 4+ years technical engineering experience with coding in languages including, but not limited to, C, C, C#, Java, JavaScript, PowerShell, or Python
OR equivalent experience.
3+ years of combined experience in planning, organizing, and developing offensive cybersecurity capabilities in areas like cybersecurity architecture, engineering, software development, or technical risk consulting.
3+ years of experience as a team lead or functional leader of security professionals in a fast-paced, technical organization AND identifying security vulnerabilities, understanding the software development lifecycle, large-scale computing, modeling, cybersecurity, and anomaly detection.
2+ years of experience using common penetration testing tools such as Kali Linux, Burpsuite, Nmap, and Nessus
Additional or Preferred Qualifications
Bachelor's Degree in Computer Science or related technical field AND 8+ years technical engineering experience with coding in languages including, but not limited to, C, C, C#, Java, JavaScript, or Python
OR Master's Degree in Computer Science or related technical field AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C, C#, Java, JavaScript, or Python
OR equivalent experience.
2+ years experience Penetration testing qualifications; GPEN/GXPN, GWAPT, OSCP/OSCE, CRT/CCT/CCSAS.
Microsoft Azure Certifications; AZ-900, AZ-500.
Software Engineering IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-payMicrosoft will accept applications for the role until December 19, 2024.#EDOTJobsMicrosoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .