What you'd actually do

Identity strategy & architecture: Define the end‑to‑end identity vision for consumer Copilot and MAI, covering user/account models, sign‑in, session management, token issuance/validation, service‑to‑service auth, and cross‑device experiences.

Cross‑surface platform leadership: Drive common authentication/SSO patterns and SDKs for Windows, Edge, web, iOS, and Android; ensure seamless UX and consistent security controls across consumer surfaces and modalities.

Collaborate with product, engineering, security, privacy, and identity teams across Copilot, MAI and IDNA to drive improvements in authentication, identity, and security. Influence technical direction and best practices across a large, distributed system, ensuring alignment and adoption of key initiatives.

Establish, monitor, and continuously improve key authentication metrics across Copilot and MAI. Collaborate with engineering, product, and identity teams to align on a unified ground truth and leverage dashboards for ongoing measurement and root cause analysis

Define and document authentication patterns and requirements for AI-powered, agentic flows. Ensure these patterns address novel risks, support secure delegation, and enable safe orchestration of actions across devices and services.

Skills

Required

Bachelor's Degree in Computer Science or related technical field AND 8+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python

Nice to have

Master's Degree in Computer Science or related technical field AND 12+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
Bachelor's Degree in Computer Science or related technical field AND 15+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
Experience integrating with Microsoft Account, and familiarity with consumer identity features.
Cross‑platform delivery: Shipped identity flows and SDKs across multiple consumer client platforms (Windows, macOS, iOS, Android, web).
Governance & lifecycle: Familiarity with consumer identity lifecycle management and privacy controls.
Privacy/Compliance: Experience embedding privacy‑by‑design and meeting consumer compliance expectations for Copilot-class workloads.
Leadership: Track record mentoring senior engineers and driving adoption of platform standards across many product teams.

Overview

About the Team

Consumer Copilot Security is at the core of Microsoft’s mission to deliver trusted, human-centered AI experiences. We make security and resilience intrinsic to every Copilot interaction—across devices, platforms, and ecosystems. Our work spans secure identity flows, defenses against emerging threats like prompt injection, and privacy-first systems that scale globally.

About the Role

Copilot for consumers depends on a rock-solid identity foundation that makes personalized AI experiences safe and seamless across Windows, Edge, web, and mobile. We’re seeking a hands-on Principal Software Engineer to define and lead the strategy for authentication, authorization, and account systems across Copilot experiences, partnering deeply with Microsoft’s central identity platform and related teams.

You’ll tackle novel risks at the frontier of agential AI, applying proven solutions and inventing new ones where needed. This role demands a rare blend of deep backend engineering expertise, mastery of modern consumer identity protocols, and the ability to make sound trade-offs between risk and velocity—keeping Copilot moving fast while raising the security and reliability bar.

Why This Role Matters

Your work will secure AI experiences for hundreds of millions of users worldwide, shaping how people trust and interact with Microsoft’s most transformative products. If you thrive on solving hard technical problems at scale, influencing architecture across platforms, and building systems that balance speed and trust, this is your opportunity to make a global impact.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Starting January 26, 2026, MAI employees are expected to work from a designated Microsoft office at least four days a week if they live within 50 miles (U.S.) or 25 miles (non-U.S., country-specific) of that location. This expectation is subject to local law and may vary by jurisdiction.

Responsibilities

Identity strategy & architecture: Define the end‑to‑end identity vision for consumer Copilot and MAI, covering user/account models, sign‑in, session management, token issuance/validation, service‑to‑service auth, and cross‑device experiences.
Cross‑surface platform leadership: Drive common authentication/SSO patterns and SDKs for Windows, Edge, web, iOS, and Android; ensure seamless UX and consistent security controls across consumer surfaces and modalities.
Collaborate with product, engineering, security, privacy, and identity teams across Copilot, MAI and IDNA to drive improvements in authentication, identity, and security. Influence technical direction and best practices across a large, distributed system, ensuring alignment and adoption of key initiatives.
Establish, monitor, and continuously improve key authentication metrics across Copilot and MAI. Collaborate with engineering, product, and identity teams to align on a unified ground truth and leverage dashboards for ongoing measurement and root cause analysis
Align with central Microsoft Account roadmaps, influence platform capabilities, and land them in Copilot and MAI consumer scenarios at scale.
Define and document authentication patterns and requirements for AI-powered, agentic flows. Ensure these patterns address novel risks, support secure delegation, and enable safe orchestration of actions across devices and services.
Hands‑on engineering: Ship secure, well‑tested, maintainable code and frameworks that other teams can adopt quickly.
Product mindset: Balance customer experience with consumer-grade security, privacy, and compliance expectations for Copilot.
Work closely with globally distributed teams, managing effective communication, coordination, and project delivery across multiple time zones. Foster strong cross-regional partnerships to drive identity and authentication improvements at scale.

Qualifications

Required Qualifications:

Bachelor's Degree in Computer Science or related technical field AND 8+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
- OR equivalent experience.

Preferred Qualifications:

Master's Degree in Computer Science or related technical field AND 12+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
- OR Bachelor's Degree in Computer Science or related technical field AND 15+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
- OR equivalent experience.
Experience integrating with Microsoft Account, and familiarity with consumer identity features.
Cross‑platform delivery: Shipped identity flows and SDKs across multiple consumer client platforms (Windows, macOS, iOS, Android, web).
Governance & lifecycle: Familiarity with consumer identity lifecycle management and privacy controls.
Privacy/Compliance: Experience embedding privacy‑by‑design and meeting consumer compliance expectations for Copilot-class workloads.
Leadership: Track record mentoring senior engineers and driving adoption of platform standards across many product teams.

#MicrosoftAI

Software Engineering IC6 - The typical base pay range for this role across the U.S. is USD $163,000 - $296,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $220,800 - $331,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about **requesting accommodations.**