Security Engineer II - Automation and AI

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions.

The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Are you a software engineer whose interests lie in secure systems architecture with a bias for innovation and product-making? Join our dynamic Regulated Industries team within the Cloud + AI organization, where you'll have the autonomy to explore AI-oriented solutions and drive impactful internal systems at scale. If you're excited about influencing the future through innovation and thrive in a culture that values respect, integrity, and accountability, we want to hear from you!

We are seeking a Security Engineer II - Automation and AI to design and implement secure, automated systems that enhance our internal security posture and streamline tooling for teams supporting regulated workloads. The ideal candidate is adaptable, organized, and deeply technical-capable of architecting systems, building automation workflows, and integrating AI agents to support compliance, observability, and operational excellence. Role is UK based and requires SC Clearance.

Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities:

• Architect and Develop Internal Security Tooling: Design, implement, and evolve secure systems architecture that supports the Regulated Industries internal tooling platform. Leverage automation and intelligent workflows to enhance observability, policy enforcement, and team productivity.
• Implement AI-Powered Security Workflows: Integrate AI/ML agents-including Microsoft Security Copilot and LLM-based copilots-into operational pipelines for tasks such as incident triage, control validation, and telemetry summarization. Ensure models and agents are used securely and responsibly.
• Orchestrate Security Automation: Lead the design and development of automation solutions across platforms (Azure Monitor, Defender XDR, Entra, Purview). Create scripts, APIs, and orchestrations that reduce manual effort and improve speed and accuracy in security operations.
• Tell Stories with Data: Use tools like Jupyter Notebooks, Kusto Query Language (KQL), and Python to query and visualize large-scale security datasets. Translate telemetry into insights and share narratives that influence decision-making across engineering and leadership teams.
• Support Compliance and Audit Readiness: Build and maintain solutions that automate evidence gathering and real-time compliance monitoring across frameworks such as NIST 800-53, HITRUST, PCI-DSS, and FedRAMP.
• Collaborate Across Teams: Partner with cloud engineering, GRC, and program teams to align internal tooling with evolving compliance needs and operational goals.

Qualifications:

Required Qualifications:

• Demonstrated experience deploying automation for security operations (SOAR platforms, script-based playbooks, API integrations).
• Experience in security engineering, automation, or software engineering, preferably in cloud-native or regulated environments.
• Strong programming/scripting skills (Python preferred) with a focus on infrastructure and operations tooling.
• Experience working with large datasets in Jupyter Notebooks and building dashboards or reports for security posture and compliance.
• Strong communication skills with an ability to convey technical concepts to non-technical stakeholders.
• Role is UK based and requires SC Clearance.

Preferred Qualifications:

• Familiarity with Microsoft security tools: Microsoft Sentinel, Defender XDR, Purview, Entra ID, Azure Policy.
• Hands-on experience integrating or piloting AI agents or LLMs in operational workflows.
• Knowledge of compliance standards such as NIST, HIPAA, FedRAMP, PCI, SOC2, or HITRUST.
• Security certifications such as SC-200, GCSA, or equivalent.

#RegulatedIndustriesSecurityOffice

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.