Red Team Penetration Tester - Offensive Cybersecurity Team

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

• As a Red Team Penetration Tester - Offensive Cybersecurity Team, you will discover and exploit vulnerabilities end-to-end in order to assess the security of AI systems.
• Execute Red Team and Penetration Testing operations on production AI systems using real world adversarial tactics and techniques to identify failures.
• This candidate will possess solid technical skills, coupled with a passion for identifying security flaws and developing innovative solutions.
• Develop tools and techniques to scale and accelerate offensive emulation and vulnerability discovery specific for AI systems.
• Collaborate with teams to influence measurement and mitigations of these vulnerabilities in AI systems and generative AI solutions.
• Research new and emerging threats to inform the organization including prompt injection, improve Red Teaming efficacy and accuracy, and stay relevant.
• Perform research to stay current with penetration testing tools, methodologies, tactics, and mitigations.
• Develop, operationalize and maintain penetration testing procedures and methodologies.
• Produce high-quality papers, presentations, as well as recommendations to key stakeholders.
• Research new and emerging threats to inform the organization, improve Red Teaming efficacy and accuracy, and stay relevant.
• Assist other team members and Penetration Testers at Microsoft in offensive techniques and approaches.
• Team up with other Offensive Security personnel at Microsoft to leverage the latest trends, and identify good opportunities for attack.
• Discovery of Problems/Identifying Vulnerabilities in Generative AI and AI systems.
• Embody our culture and values.

Qualifications

• Bachelor's Degree in Computer Science or related technical field AND 2+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, PowerShell or Python
  • OR equivalent experience.
• 3+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
• 3+ years of experience of using common penetration testing tools; Kali Linux, Burpsuite, Nmap, Nessus, etc.

• Penetration testing qualifications; GPEN/GXPN, GWAPT, OSCP/OSCE, CRT/CCT/CCSAS.
• Microsoft Azure Certifications; AZ-900, AZ-500.
• Effective written and verbal communication skills.
• Proficient technical writing and presentation skills.
• Proficient in developing novel tooling and techniques, as well as utilizing existing methodologies, a Red Teamer should consistently explore possibilities and persistently push the boundaries.

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.