Principal Security Engineer - MAI Data, Privacy, and Security, Microsoft AI - Copilot

United States, California, Mountain View

May 29, 2025

Overview

Microsoft is at the forefront of AI innovation, addressing some of the most complex AI challenges. Our goal is to deliver systems with genuine artificial intelligence capabilities across agents, applications, services, and infrastructure. The Security Engineering team within MAI ensures our AI advancements are secure and trustworthy by integrating robust security measures into our platforms. We focus on enabling secure and efficient inclusion of external data and services without compromising safety or privacy.

We are seeking a Principal Security Engineer to lead security assessments and testing both internally and with external partners. You will collaborate closely with the product engineering team to promote good design decisions, identify risks and vulnerabilities, and develop solutions. Your role will ensure that Copilot and its integrations operate on a strong security foundation, mitigating threats such as indirect prompt injection, unauthorized data flows, and privacy breaches. The ideal candidate will have extensive experience in these areas, combining knowledge of emerging attacks and defenses with sound judgment to select optimal mitigations in a product context.

Microsoft's mission is to empower every person and organization to achieve more. We foster a culture of growth, innovation, collaboration, respect, integrity, and accountability, creating an inclusive environment where everyone can thrive.

Responsibilities

1. Lead comprehensive risk assessments, including automated risk identification, controls validation, and threat modeling across networking, operating systems, and application layers.
2. Identify security best practices, assess risks, and coordinate remediations to address vulnerabilities effectively.
3. Proactively identify and remediate security risks through code and configuration updates.
4. Collaborate with partner teams to resolve security issues and facilitate their development velocity.
5. Develop and maintain metrics to evaluate security impact and reliability at tactical and strategic levels.
6. Mentor team members, promoting a culture of security awareness and accountability.
7. Contribute to secure software development by reviewing and advising on secure coding practices, particularly in C#, Python, or similar languages.