Principal Platform Security Architect at Microsoft

Redmond, Washington, United States -

Full Time

Start Date

Immediate

Expiry Date

18 Feb, 26

Salary

0.0

Posted On

20 Nov, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Security Assurance, Vulnerability Assessment, Penetration Testing, Hardware Security, Firmware Security, Cryptography, Secure Boot, Secure Firmware Updates, Incident Response, Problem Solving, Analytical Skills, C/C++, Embedded Systems, Windows, Linux, Secure Communications

Industry

Software Development

Description

Lead security assurance by running in-depth security assessments and audits, uncovering hidden vulnerabilities, and shaping robust mitigation strategies that keep our platforms resilient against evolving threats. Shape the future of cloud security by contributing directly to our Azure hardware and firmware security roadmap, collaborating with world-class experts across Azure and our supplier ecosystem to drive next-generation protections. Be the architect of trust by creating comprehensive system threat models and partnering with cross-functional teams to weave security into every layer and component of the platform. Champion security by design, partner with cross-functional teams to embed security throughout the development lifecycle (SDL) and into the very foundation of our platform architecture. Set the bar for trust, define and evolve security policies, procedures, and standards that safeguard the Azure platform at scale. Be on the front lines, collaborate with incident response teams to investigate security events, drive rapid remediation, and strengthen defenses. Empower builders and operators — provide actionable security guidance to engineering and operations teams, ensuring secure innovation without slowing momentum. Stay ahead of the curve, track cutting-edge security trends, emerging threats, and breakthrough technologies to keep our platform one step ahead. Embody our culture and values. Bachelor's Degree in Computer Science or related technical field AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python OR equivalent experience. 6+ years of professional experience in hardware and firmware security. Proficient understanding of hardware and firmware design principles and practices. Experience with vulnerability assessment and penetration testing. These requirements include, but are not limited to, the following specialized security screenings: Experience with hardware security modules (HSMs), secure boot, secure firmware updates, attestation, secure recovery and secure debug workflows at scale Working experience designing or implementing industry-standard security protocols, including secure communications (e.g., TLS, HTTPS), cryptographic algorithms, public key infrastructure, and key management technologies. SoC security — designing and securing silicon platforms at the heart of cloud-scale systems. Applied cryptography — from today's proven methods to tomorrow's breakthroughs in post-quantum crypto, building resilience against even the most advanced adversaries. Supply chain security — safeguarding trust from silicon fabrication to firmware deployment, ensuring end-to-end integrity across complex ecosystems. The successful candidate should have experience with C/C++ (Rust is a plus), Embedded Systems, Hardware peripherals, and Windows or Linux Experience with penetration testing Proficient problem-solving and analytical skills. Proficient written and verbal communication skills.

Responsibilities

Lead security assurance by conducting in-depth security assessments and audits while shaping robust mitigation strategies. Collaborate with cross-functional teams to embed security throughout the development lifecycle and define security policies that safeguard the Azure platform.