Senior Application Security Engineer

Microsoft is seeking a Senior Application Security Engineer for their Viva Trust team, focusing on Viva Engage (formerly Yammer). This role is crucial in securing new features, ensuring compliance with global regulations, and integrating privacy considerations early in the development process. The Viva Trust team is responsible for enabling Security, Privacy, Responsible AI, and Compliance for one of the world's top networks.

As a Senior Application Security Engineer, you will:

• Conduct privacy and security assessments of platforms, data, and clients through code reviews and automation
• Implement privacy, responsible AI, and security controls in the software development lifecycle
• Collaborate with engineering and product teams on threat modeling and security architecture reviews
• Help teams understand security, responsible AI, compliance, and privacy requirements
• Provide on-call support for escalations
• Implement defense-in-depth mechanisms to prevent security and privacy vulnerabilities

The ideal candidate will have:

• 4+ years of experience in application security engineering/privacy engineering
• Experience with application security standards like OWASP ASVS/Top 10 and CWE 25
• Knowledge of common security libraries, controls, and flaws
• Experience in security and privacy threat modeling
• Understanding of responsible AI, privacy, and compliance regulations (e.g., GDPR, CPRA, SOC 2, ISO27k)
• Familiarity with web proxies and development experience in languages like Java, Ruby, GraphQL, and REST

This role offers a unique opportunity to impact millions of users worldwide, working in a diverse, inclusive, and high-energy culture. The position combines the innovation of a startup with the resources of a leading software company, focusing on mission-driven work that has become increasingly important in the post-Covid world.