Principal Offensive Security Engineer - AI Red Team

Key Skills

Aartificial intelligence, ASP.net, C# Programming, C++, Cloud computing, Cyber Security, GoLang, JavaScript, Machine learning techniques, NeurIPS, Python Programming, SDLC, Software Development

Job Description

Overview

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Are you a red teamer and interested in Artificial intelligence (AI) and excited about technology like GPT4? Do you want to find and exploit security vulnerabilities in Microsoft’s largest AI systems impacting millions of users? Join Microsoft’s AI Red Team where you'll emulate real-world attacks against Microsoft’s big AI systems. We are an interdisciplinary group of red teamers, adversarial Machine Learning (ML) researchers and software developers with the mission of proactively finding failures in Microsoft’s big bet AI systems. You will red team AI models across Microsoft’s AI portfolio including Bing Copilot, Security Copilot, Github Copilot, Office Copilot and Windows Copilot. More about our approach to AI Red Teaming: https://www.microsoft.com/en-us/security/blog/2023/08/07/microsoft-ai-red-team-building-future-of-safer-ai/

We are looking for Princioal Offensive Security Engineer for our team to help make AI security better and help our customers expand with our AI systems

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Qualifications

Required Qualifications:

• 7+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, or adversarial machine learning.

Other Requirements

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualification:

• Demonstrated impact in Application Security, Penetration Testing, or other related field. 
• Experience using penetration testing tools, including any of the following: Nessus, NMAP (Network Mapper), Metasploit, Burp Suite Pro, etc. 
• Coding skills, in any of the following languages: C#, Python, C++, Go, PowerShell, ASP.NET, JavaScript 
• Interest in learning about generative AI and foundational models 
• Prior participation in AI Village DEFCON (Defence Readiness Condition) CTFs (Capture the Flag), MLSec (Machine Learning and Security) competition or enjoyed playing with Gandalf!
• Experience with Advanced Persistent Threat (APT) emulation, purple teaming, and/or working with threat intelligence 
• Experience performing reverse engineering 
• OSCP (Offensive Security Certified Professional), OSCE (Offensive Security Certified Expert), or similar certifications
• Prior experience with Responsible AI 
• Publications in AISec, NeurIPS, FAccT 

Penetration Testing IC5 - The typical base pay range for this role across the U.S. is USD $133,600 - $256,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $173,200 - $282,200 per year.

Responsibilities

• Discover and exploit vulnerabilities end-to-end in order to assess the security of AI systems
• Execute Red Team operations on production AI systems using real world adversarial tactics and techniques to identify failures.