Senior Security Engineer

Job Description

Overview

The Microsoft Offensive Research & Security Engineering (MORSE) organization is seeking a Senior Security Engineer to advance Microsoft’s runtime vulnerability detection capabilities across Windows, Azure, and Microsoft’s broader platform ecosystem. You will design, maintain, and scale the sanitizers and instrumentation technologies that help engineering teams discover critical security vulnerabilities early in the development lifecycle.

MORSE secures Microsoft’s operating systems, cloud platforms, and virtualization technologies used by over a billion customers worldwide. You’ll work closely with partner teams across Windows, Hyper‑V, Azure, and developer-tooling to integrate dynamic analysis such as Address Sanitizer as well as code-coverage instrumentation into large‑scale build, validation, and fuzzing workflows.

This role is an excellent opportunity for engineers who enjoy deep systems work, solving complex debugging challenges, and delivering high‑impact security improvements across Microsoft’s products.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability.

Responsibilities

• Evolve and maintain Microsoft’s dynamic detection and sanitizer stack (e.g., ASAN, SanCov), ensuring broad coverage across user‑mode and kernel‑mode components.
• Identify gaps in runtime bug detection and develop new detection techniques, instrumentation strategies, or sanitizer variants to catch classes of memory safety, concurrency, race, and API‑misuse bugs at scale.
• Improve performance, stability, and usability of sanitizers — reducing overhead, eliminating false positives, and enabling teams to run sanitizers continuously in their dev and CI workflows.
• Collaborate with feature teams, tooling developers and scaling engineers to upstream sanitizer support, improve build system integration, and ensure that large repos build cleanly with sanitizers enabled.
• Drive broad adoption across Windows and Azure engineering teams, including scaling rollout, integrating signals into branch health, and reducing technical debt from sanitizer‑discovered bugs.

Qualifications
Required Qualifications:

• Substantial industry experience in software development or security engineering.
• Experience programming in a systems language (C, C++, or Rust).

Other Requirements:

• Microsoft Cloud Background Check:
  • This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

• Hands‑on experience with memory safety or concurrency debugging, dynamic analysis, or runtime instrumentation.
• Experience working with compile time instrumentation such as the sanitizers or equivalent technologies.
• Strong understanding of operating system fundamentals, particularly memory management, concurrency, and build systems.
• Experience with Windows kernel, low‑level debugging, or vulnerability research.
• Familiarity with large‑scale CI systems, build orchestration, and engineering productivity tooling.
• Exposure to fuzzing frameworks, coverage instrumentation, or hybrid static‑dynamic detection technologies.
• A public track record of security research or contributions to dynamic analysis tooling (open‑source or academic).

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.