Penetration Tester
About The Position
Do you want to help secure some of Microsoft’s most critical and high‑impact online services? Are you passionate about solving hard security problems, learning offensive security techniques, and building skills that shape the future of secure cloud computing? The Microsoft Specialized Clouds (MSC) Security Fundamentals group is responsible for securing some of Microsoft’s largest and most influential online services. The SERPENT team is looking for a Penetration Tester with strong interest in penetration testing, vulnerability assessment, and security research to help strengthen the security posture of these services. This role is an excellent fit for early-in-career engineers who want to build deep expertise in offensive security while contributing to real‑world impact. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Requirements
- Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field OR equivalent experience.
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
Nice To Haves
- Master's Degree in Statistics, Mathematics, Computer Science, or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in security or related field OR equivalent experience.
Responsibilities
- Penetration Testing
- Identify security vulnerabilities and variants across critical cloud services.
- Perform source code reviews, dynamic analysis, and operational security assessments.
- Validate software quality and adherence to security development practices.
- Work with engineering and defense teams to improve detection, response, and operational awareness.
- Security Automation
- Contribute to static and runtime analysis capabilities to detect software security issues.
- Help design automated analysis workflows for managed code and modern web services.
- Explore and prototype automation that improves consistency, speed, and depth of security assessments.
- Research, Training, and Tool Development
- Stay current on offensive security tactics, penetration testing tools, and defensive techniques.
- Conduct research that supports training and awareness for internal engineering teams.
- Support innovation efforts across MSC Security, including tooling, methodology improvements, and knowledge sharing.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
