Security Engineer II – Automation and AI

- Architect and Develop Internal Security Tooling: Design, implement, and evolve secure systems architecture that supports the Regulated Industries internal tooling platform. Leverage automation and intelligent workflows to enhance observability, policy enforcement, and team productivity. - Implement AI-Powered Security Workflows: Integrate AI/ML agents—including Microsoft Security Copilot and LLM-based copilots—into operational pipelines for tasks such as incident triage, control validation, and telemetry summarization. Ensure models and agents are used securely and responsibly. - Orchestrate Security Automation: Lead the design and development of automation solutions across platforms (Azure Monitor, Defender XDR, Entra, Purview). Create scripts, APIs, and orchestrations that reduce manual effort and improve speed and accuracy in security operations. - Tell Stories with Data: Use tools like Jupyter Notebooks, Kusto Query Language (KQL), and Python to query and visualize large-scale security datasets. Translate telemetry into insights and share narratives that influence decision-making across engineering and leadership teams. - Support Compliance and Audit Readiness: Build and maintain solutions that automate evidence gathering and real-time compliance monitoring across frameworks such as NIST 800-53, HITRUST, PCI-DSS, and FedRAMP. - Collaborate Across Teams: Partner with cloud engineering, GRC, and program teams to align internal tooling with evolving compliance needs and operational goals.Required Qualifications: - Demonstrated experience deploying automation for security operations (SOAR platforms, script-based playbooks, API integrations). - Experience in security engineering, automation, or software engineering, preferably in cloud-native or regulated environments. - Strong programming/scripting skills (Python preferred) with a focus on infrastructure and operations tooling. - Experience working with large datasets in Jupyter Notebooks and building dashboards or reports for security posture and compliance. - Strong communication skills with an ability to convey technical concepts to non-technical stakeholders. - Role is UK based and requires SC Clearance. Preferred Qualifications: - Familiarity with Microsoft security tools: Microsoft Sentinel, Defender XDR, Purview, Entra ID, Azure Policy. - Hands-on experience integrating or piloting AI agents or LLMs in operational workflows. - Knowledge of compliance standards such as NIST, HIPAA, FedRAMP, PCI, SOC2, or HITRUST. - Security certifications such as SC-200, GCSA, or equivalent. #RegulatedIndustriesSecurityOffice Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a requestvia the Accommodation request form. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.