Job Portal Logo
LoginSign Up
🔔 FCM Loaded

Software Engineer II

Microsoft

2 - 5 years

Hyderabad

Posted: 26/10/2025

Getting a referral is 5x more effective than applying directly

Job Description

Overview

Are you looking for a challenge that puts you at the center of the Microsoft Edge + Platform Security Fundamentals (EPSF) strategy? Are you passionate about solving the security challenges of critical online services? Are you passionate about defensive and offensive security?
Microsoft's EPSF (Edge + Platform Security Fundamentals) team is responsible for securing some of Microsoft's largest and most influential online services in the Azure Edge & Platform (AEP) organization and Windows Devices organization (W+D).The EPSF Services Pentest (SERPENT) team needs an Offensive Security Engineer to increase our business partners' security posture.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Qualifications

• BS or MS in Computer Science, a related field, or equivalent experience
• Strong coding skills
• 4+ years of experience in identifying security vulnerabilities in online services through penetration testing
• Strong background in customizing static, dynamic, and runtime analysis tools.
• Solid verbal and written communication skills.
• Solid teamwork and cross-group collaboration skills.
• Ability to deal with ambiguity.
• Experience in technical disciplines outside security space, including general software development, networking, database management, and full-stack development, is a strong plus.
• Demonstrated coding skills in one or more popular languages and platforms such as: C#, Java, Python, and others.
• Bachelor of science or master’s degree in computer science, software engineering, information security or equivalent work experience.
• CISSP, OSCP, OSWE,GCIA, or SANS certifications is a plus.
 

Responsibilities

EPSF Security has a world-class penetration testing team that helps ensure a secure experience for millions of users worldwide. We primarily focus on offensive security and application security and work closely with our defense teams to continually improve our operational awareness.
 

Job responsibilities:

  • Penetration Testing: Identify security vulnerabilities and their variants in critical services using various techniques such as source code reviews, dynamic analysis, operational security assessments etc. and validate software quality following our development standards.
  • Security Automation: Participate in developing static and runtime analysis capabilities to find software security bugs quickly and with high confidence. Push the cutting edge when it comes to automated analysis of managed code and modern web services.
  • Research, Training, and Tool Development: Perform research to stay current with bleeding edge of penetration testing, offensive, and defensive tools, and tactics. Leverage the output of this research for training and awareness acrss EPSF Security and innovation development efforts.

Additional specifics are outlined as follows.

  • Strong hands-on programming experience in C# (.NET Framework and .NET Core), Python, Go, or other comparable languages, with the ability to build custom security tools and automation workflows.
  • Knowledge of Securing AI Systems or Having worked on pentesting AI systems.
  • Experience customizing and writing rules for SAST tools, such as CodeQL or Semgrep, Expert-level proficiency with Burp Suite, including advanced features, automation, custom extensions, and fuzzing techniques
  • Strong expertise in identity and access management (IAM), including OAuth, OpenID Connect, Entra ID applications, authentication and authorization flows, service principal configurations, and proficiency in identifying misconfigurations and potential exploit scenarios
  • Solid understanding of secure development practices, including threat modelling, secure coding standards, vulnerability remediation techniques, supply chain security risks, and CI/CD pipeline misconfigurations
  • Experience with Azure cloud platforms, including cloud infrastructure security and misconfiguration management
  • Familiarity with AI and machine learning security concepts is a plus, including risks such as prompt injection, model poisoning, data exfiltration, and adversarial attacks, as well as strategies for securing AI-powered applications
  • Excellent collaboration and communication skills with a proven track record of working across cross-functional teams

 

About Company

Microsoft Corporation is a leading American multinational technology company founded in 1975 by Bill Gates and Paul Allen. Headquartered in Redmond, Washington, Microsoft is best known for its software products, including the Windows operating system, Microsoft Office Suite, and Azure cloud services. The company also produces hardware like the Surface devices and owns LinkedIn, GitHub, and the Xbox gaming brand. Microsoft is one of the world's most valuable companies, playing a key role in personal computing, enterprise software, AI, and cloud computing.

Services you might be interested in

Improve Your Resume Today

Boost your chances with professional resume services!

Get expert-reviewed, ATS-optimized resumes tailored for your experience level. Start your journey now.

getmereferred logo Know more