1. Home
  2. Security Software Engineer - Microsoft Security Response Center
Expires soon
Microsoft France

Security Software Engineer - Microsoft Security Response Center

  • UNITED KINGDOM
  • IT development
Apply Now

Job description

https://blogs.technet.microsoft.com/msrc/

How would you like to be on the front lines of Microsoft’s battle with 0-day security vulnerabilities, hackers, and active cyber-attacks? Do you like getting your hands dirty digging into vulnerabilities to learn what makes them tick and how they might be used maliciously?   Do you also enjoy the thought of competing with security researchers around the world searching for never before seen vulnerabilities?  

Microsoft’s MSRC Vulnerabilities & Mitigations group, is looking for a Security Software Engineer to help out on a highly technical team whose mission is to protect 440 million people from software vulnerabilities. Use your knowledge and passion to improve the security of all Microsoft products by playing a critical role in the security updates that ship on the second Tuesday of every month. Work in a team of avid security professionals reading source code, looking at assembly, and developing software to protect Microsoft customers from current and emerging security threats from around the world.

Key Accountabilities

Investigate and document vulnerabilities reported to Microsoft in various products, look for more vulnerabilities in those products, and ensure security patches fix the vulnerabilities properly. Research into new techniques to protect customers, find before the outside world security vulnerabilities or mitigation bypasses and develop new vulnerability mitigations.

We're looking for someone with the below skills / experience:

- Experience finding vulnerabilities, assessing severity and exploitation potential of vulnerabilities

- In-depth knowledge of debugging and reverse engineering unmanaged code

- Able to demonstrate how security vulnerabilities work, E.g. Use after free, heap corruption, type confusion, etc.

- An understanding of exploitation techniques

- Able to find security vulnerabilities via code review, reverse engineering or using tools

- Development skills in C# and C/C++

- The capability to develop vulnerability detection tools such as fuzzers, static analyzers and vulnerability mitigations

- A basic understanding of cryptographic security issues, web application testing, design flaws, and internet browser technologies.

Desirable experience:

- Open Source Software development

- Linux and/or Windows vulnerability research

- Automated vulnerability analysis and other automation of processes

- Compilers

Make every future a success.
  • Job directory
  • Business directory
    •