Last night I got an email from my friend and ACE team member Anmol who is based out of Hyderabad telling me to post up a job description for the positions they are trying to fill in India. We are always on the lookout for security talent, and ACE is a global team. If you think you have what it takes, are located in India and would like to join ACE at Microsoft, why don't you contact us?
The job description is below:
Are you passionate about security? Have you ever wanted the opportunity to be a part of an expert global team delivering application security services at an enterprise level? Can you think outside the box?
If so, then Microsoft Application Consulting & Engineering Team [ACE] wants to hear from you. We’re looking for a passionate and talented candidate to deliver world class security services to Microsoft’s esteemed enterprise level customers.
You will be part of a mobile and shared central pool of highly skilled security technologists based at Hyderabad, and will serve the needs of global clients worldwide.
Your responsibilities will also include developing detailed threat models for complex mission critical applications, providing design/architecture guidance and conducting a security code review for business critical applications.
In addition to uncovering and identifying threats to applications, your expertise will be counted on to help formulate security best practices, processes and application architecture of various customer solutions either onsite or offshore. Finally, you’ll provide key contributions in the design and implement the methodology, tools, techniques and code libraries used by the team and it’s customers to secure the next generation of applications.
In this consulting role, you will work closely with our US based security team, client teams and with partners to help clients derive maximum value building secure solutions using Microsoft technologies and platforms
Qualifications: Candidates must have a minimum of 4 years of experience developing software for the Microsoft platform using programming languages and development platforms including C/C++, C#, VB, VB.NET, and SQL. Candidates should be thoroughly familiar with Microsoft’s development frameworks both past and present which includes, at a minimum, COM, COM+, DCOM, and .NET.
They should also have a minimum of 2 years of experience performing security assessments of computers, networks and/or applications. In depth understanding of well-known attack types such as cross-site script, SQL injection, buffer overflows (both stack and heap based), format string bugs is also required. Additionally, they must have comprehensive knowledge of secure protocols, authentication/authorization controls and cryptographic concepts.
The candidate must demonstrate a deep understanding of network architecture and appliances, including routers, firewalls,, IDS/IPS devices. Excellent communication skills including experience conducting presentations to senior management (CIO, CSO level) is a must. A Bachelors/Masters in Computer Science or related field is preferred and certifications such as CISSP, MCSE are considered a plus. Lastly, a strong work ethic and the desire to assist ACE to deliver high end security solutions is a must.
Microsoft is an equal opportunity employer and supports workforce diversity.