Join to apply for the Senior Penetration Tester - Identity role at Microsoft2 days ago Be among the first 25 applicantsJoin to apply for the Senior Penetration Tester - Identity role at MicrosoftSecurity represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.The IDSEC Security team is a specialized group dedicated to safeguarding our identity products and the services that support them. We partner closely with development and operations teams to continuously improve the security posture of both customer-facing applications and our internal network. Our mission To proactively uncover and remediate vulnerabilities before they can be exploited—by executing thorough, context-driven penetration tests against complex systems and services. What we do day-to-day Threat-informed testing: We start each assessment by reviewing existing security collateral—threat models, design documents, past findings—to build deep contextual understanding. Tailored engagement: Using that context, we craft and execute high-quality pentests that focus on the most critical components of our identity platform and underlying infrastructure. Collaborative remediation: We deliver actionable findings and work hand-in-hand with engineering teams to validate fixes and ensure our defenses stay one step ahead of attackers.Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.ResponsibilitiesWhat We’re Looking For in a Senior Penetration Tester:Deep understanding of high-throughput, multi-tenant architectures.You’ve tested and hacked services at scale, and know how isolation boundaries can be stressed and bypassed.Careful test design: You break down complex systems into testable components, anticipate failure modes, and craft attacks that target realistic threat scenarios.Robust error handling exploitation: You recognize when error paths leak data or state, and you know how to turn gracefully handled failures into vulnerability discoveries.Clean, modular tooling skills: Your proof-of-concept exploits and custom scripts are well-structured, maintainable, and include tests to validate correctness.Automated and manual testing balance: You know when to write a quick fuzz harness or automated scanner, and when to roll up your sleeves for deep, hands-on manual analysis.Collaboration and communication: You partner seamlessly with developers and engineers—sharing clear, actionable findings and reproduction steps, and helping shepherd fixes to completion.Passion for continuous improvement: You stay current on emerging pentesting techniques, contribute to security tooling, and mentor peers to raise the bar across the team.Conduct security assessments of cutting-edge Identity products (e.g. Azure Active Directory) Lead threat-modeling sessions to identify and document design-level security issues Perform security code reviews across multiple languages and frameworks (C#, C/C++, .NET Core MVC)Analyze and exploit OAuth implementations, uncovering common and edge-case vulnerabilitiesOwn end-to-end pentest engagements: scoping, execution, and delivery of clear, actionable remediation guidancePartner with internal stakeholders to manage engagement workflows, timelines, and expectationsProduce high-quality written reports and communicate findings effectively to service teamsQualificationsRequired:Experience in vulnerability research, application pentesting, or red teamingProven track record conducting complex pentests in a professional settingHands-on experience developing or programming security tooling during assessmentsQualifications - Other RequirementsAbility to meet Microsoft, customer and/or government security screening requirements are required for this role.These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.HM Qualifications OtherBachelor’s degree (or equivalent experience) in Software Engineering, Security Engineering, or Security Consultancy Hands-on Azure cloud pentesting experienceProficiency in at least one scripting language (e.g., Bash, Python)Proficiency in or strong understanding of a web programming language/framework (C#, .NET Core MVC, C/C++) 8+ years of pentesting or vulnerability research experienceDeep knowledge of low-level concepts and advanced vulnerability research techniquesExperience with modern AI/LLM-driven, agentic approaches to problem solving#ThreatModeling #SecurityEngineering #MSFTSecurity #CloudSecurityMicrosoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.Seniority levelSeniority levelNot ApplicableEmployment typeEmployment typeFull-timeJob functionJob functionInformation TechnologyIndustriesSoftware DevelopmentReferrals increase your chances of interviewing at Microsoft by 2xGet notified about new Penetration Tester jobs in Dublin, County Dublin, Ireland.Dublin, County Dublin, Ireland 2 days agoDublin, County Dublin, Ireland 1 week agoDublin, County Dublin, Ireland 3 weeks agoDublin, County Dublin, Ireland 16 hours agoDublin, County Dublin, Ireland 15 hours agoDublin, County Dublin, Ireland 5 hours agoDublin, County Dublin, Ireland 5 hours agoDublin, County Dublin, Ireland 1 month agoDublin, County Dublin, Ireland 2 weeks agoDublin, County Dublin, Ireland 4 weeks agoDublin, County Dublin, Ireland 2 days agoDublin, County Dublin, Ireland 1 week agoDublin, County Dublin, Ireland 3 days agoDublin, County Dublin, Ireland 11 hours agoDublin, County Dublin, Ireland 3 days agoDublin, County Dublin, Ireland 3 days agoDublin, County Dublin, Ireland 5 days agoDublin, County Dublin, Ireland 11 hours agoDublin, County Dublin, Ireland 1 month agoDublin, County Dublin, Ireland 14 hours agoDublin, County Dublin, Ireland 5 days agoSenior Security Analyst, Vulnerability Coordination CenterDublin, County Dublin, Ireland 2 weeks agoDublin, County Dublin, Ireland 3 months agoDublin, County Dublin, Ireland 2 weeks agoDublin, County Dublin, Ireland 3 months agoDublin, County Dublin, Ireland 20 hours agoDublin, County Dublin, Ireland 3 weeks agoDublin, County Dublin, Ireland 14 hours agoInformation Security Analyst (GRC Analyst)Dublin, County Dublin, Ireland 2 weeks agoDublin, County Dublin, Ireland 2 days agoCloud Infrastructure & Security EngineerDublin, County Dublin, Ireland 1 month agoDublin, County Dublin, Ireland 16 hours agoPrivacy Operations Analyst- Global Security and Risk Management, IrelandDublin, County Dublin, Ireland 2 weeks agoWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr