CASY-MSCCN Jobs

Microsoft is embarking on a new effort to address the growing needs of employees around the world. We are building the Microsoft Viva product suite to address the fundamental shift in how people work, build their career, and find meaning in their workplace. Employee engagement is in flux as a result of economic, demographic, and societal changes. People want to be excited about their work, be connected to their company culture, understand how to succeed, and feel supported across a spectrum of onboarding, skilling, coaching and mentoring. The broader Viva product family is dedicated to examining the employee journey and delivering software and services to make it better.  This role on the Viva Trust team focuses on Viva Goals, which helps drive accountability, transparency, and alignment on goals across organizations. As part of Viva, we have a once in a lifetime opportunity to build a massive business from the ground up and bring purpose, happiness, and productivity to millions.

About this job

The Viva Trust team is responsible for enabling Security, Privacy, Responsible AI and Compliance to be one of the top networks in the world. Our Mission is to build trust with both external and internal customers. We accomplish this by listening to the needs of our customers and creating solutions that are secure, Private by design and compliant.

We are seeking to hire a Senior Application Security Engineer for our Vancouver, BC location. As an engineer on the team, you will be responsible for securing new features including integration features with other products in the M365 suite, ensuring they are compliant with Global regulations and ensure Privacy is shifted left in the process.

Our culture is inclusive, casual, and high energy; our team members come from diverse backgrounds and are grounded in our customer needs. This is a fantastic opportunity to build services and experiences that millions of people worldwide will use at home, at school, at work, and across their daily lives. 

 Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities

• Privacy and Security assessments of platform, data and clients, through code reviews and automation.

• Implementing Privacy, Responsible AI and Security controls and checkpoints to detect and prevent issues early in the software development lifecycle.

• Work with engineering and product teams in the design phase of products and features, conducting threat modeling and performing security architecture and design reviews.

• Help engineering and product teams to understand Security, Responsible AI ,Compliance and Privacy requirements.

• On-call support for escalations.

• Implementing defense in depth mechanisms to prevent Security and Privacy vulnerabilities

• Embody our culture (https://careers.microsoft.com/v2/global/en/culture)  and values (https://www.microsoft.com/en-us/about/corporate-values) . 

Qualifications

Basic/Required Qualifications

• Bachelor's Degree in Computer Science or related technical field AND 4+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or TypeScript.

• OR equivalent experience.

• 4+ years of experience in application Security engineering/Privacy engineering

• 2+ years Experience with application security standards such as OWASP ASVS/Top 10, CWE 25.

• 1+ years experience with common security libraries, security controls, and common security flaws.

Preferred Qualifications/Attributes

• Experience Security and Privacy threat modeling new features

• Outstanding collaboration and partnership skills, with proven ability to drive results across teams.

• Understanding of Responsible AI, Privacy and Compliance regulations such as GDPR, CPRA, SOC 2, ISO27k and others

• Experience of Privacy, Compliance, Responsible AI and Security audits.

• Familiarity with web proxies such as Burp, OWASP ZAP or Fiddler.

• Development or scripting experience. Java, Ruby, Ruby on Rails, GraphQL, REST preferred.

Software Engineering IC4 - The typical base pay range for this role across Canada is CAD $104,000 - CAD $193,200 per year.

Find additional pay information here:

https://careers.microsoft.com/v2/global/en/canada-pay-information.html

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .