Microsoft, posted 3 months ago
$139,900 - $274,800/Yr
Full-time • Principal
Redmond, WA
Professional, Scientific, and Technical Services

The Cloud & AI organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.

The IAM Protect team secures Microsoft's most critical cloud services by reducing risks in the Trusted Computing Base (TCB). We focus on identifying adversary tactics and breach paths, driving structured risk burndown, and ensuring critical telemetry is consistently available for detection and response.

We are hiring a Principal Security Operations Engineer to lead efforts to operationalize TTP burndown campaigns and expand telemetry coverage across TCB services. The ideal candidate brings a strong security engineering background with hands-on technical depth, combined with the program management skills to coordinate across engineering teams, prioritize risk reduction, and deliver durable outcomes at scale. You will shape how we quantify and mitigate top risks, while ensuring telemetry pipelines are resilient, validated, and usable for hunt and investigation teams. This role is both technical and strategic - perfect for someone who thrives at the intersection of security operations, data, and engineering.

  • Lead structured risk reduction campaigns by converting adversary tactics (TTPs) and breach paths into prioritized cohorts and driving execution until closure.
  • Build and scale telemetry coverage across critical services, ensuring validated, reliable data is available for our security response efforts.
  • Investigate security incidents, help contain threats, and provide technical support for high-impact response efforts.
  • Partner across engineering and security teams to coordinate cross-team efforts, resolve blockers, and accelerate progress on high-impact initiatives.
  • Apply a data-driven approach to define, track, and report risk metrics, giving leaders clear visibility into progress and gaps.
  • Integrate AI/ML solutions into security operations for intelligent incident triage, control validation, and telemetry analysis.
  • Serve as a technical advisor and mentor to security engineers, sharing best practices for automation and secure-by-design patterns.
  • Drive automation and efficiency by improving pipelines, validation frameworks, and onboarding flows to reduce manual effort.
  • Gain deep exposure to the most sensitive services and systems, working at the intersection of security operations, engineering, and executive decision-making with direct impact on Microsoft's cloud security posture.

  • Bachelor's Degree in Statistics, Mathematics, Computer Science or related field OR 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response.
  • Active U.S. Government Top Secret Security Clearance.
  • Ability to meet Microsoft, customer and/or government security screening requirements.

  • Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field OR 10+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
  • CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, Security+ certifications.
  • Experience building automated solutions for vulnerability management, threat detection, and security configuration drift.
  • Understanding of security graph models, adversary techniques, attack path analysis, or breach path quantification.
  • Hands-on experience with automation of telemetry/logging pipelines to validate security coverage at scale.
  • Demonstrated expertise in identity, secrets, or infrastructure security.
  • Experience with AI/ML in security contexts, such as anomaly detection, predictive modeling, or triaging security signals using large datasets.
  • Proficiency in Kusto/KQL and the ability to design and build tooling that scales across environments and teams.

  • Industry-leading healthcare
  • Educational resources
  • Discounts on products and services
  • Savings and investments
  • Maternity and paternity leave
  • Generous time away
  • Giving programs
  • Opportunities to network and connect