Overview
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate.
Do you ever think about the code you didn’t write? Because most of it—you didn’t. Modern software is assembled, not authored. A single application depends on hundreds, often thousands, of open-source components written by people you’ll never meet—yet running with the same privileges as the code you carefully review and own. This is the software supply chain—and it has quietly become one of the most actively exploited attack surfaces in the world.
Become an integral member of the Microsoft Defender for Endpoint (MDE) Team. We’re looking for a Principal Software Engineer who wants to help build the foundational capabilities to defend it. In this role, you’ll work on detecting and stopping threats at the source—whether it’s a malicious npm package, a typosquatted dependency, or a compromised update—before it ever reaches a developer’s project or production environment.
You’ll operate at ecosystem scale, analyzing large volumes of code, understanding what it actually does (not just what it claims), tracing provenance and trust, and turning those signals into real-time protection within the tools developers already use. These are new primitives—many don’t exist yet—and you’ll help define and build them. This is greenfield work built natively across Microsoft’s ecosystem, with deep integration into GitHub, Visual Studio, Azure, and open-source platforms. You’ll be part of a team small enough that what you build ships quickly and has real impact. There are very few places where a single engineer can write code that protects millions of developers and the software they deliver to the world. Defender is one of them. If you love building, move fast, and want to work on a problem that truly matters—let’s talk.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Responsibilities
- Define and drive the technical direction for software supply chain protection capabilities that detect and prevent threats before they reach developer projects or production environments.
- Design, build, and operate large-scale distributed systems that analyze open-source packages, code behavior, provenance, and trust signals across ecosystems in real time.
- Develop new security primitives for package risk assessment, malicious dependency detection, typosquatting prevention, provenance validation, and AI-assisted threat detection.
- Provide hands-on technical leadership across architecture, design reviews, API/data contracts, prototypes, and implementation to de-risk complex systems and accelerate delivery.
- Partner across Microsoft Defender, GitHub, Visual Studio, Azure, and open-source ecosystem teams to embed protection into the tools and workflows developers already use.
- Drive engineering excellence through reliable, scalable, secure, and observable services, with strong focus on quality, performance, and operational readiness.
- Mentor and guide engineers, foster a builder culture of clarity, collaboration, and technical rigor, and embody Microsoft’s culture and values.
- Embody our Cultureand Values
Qualifications
Required Qualifications:
- Bachelor's Degree in Computer Science or related technical field AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python OR equivalent experience.
**Other Requirements: **
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Preferred qualifications:
- Bachelor's Degree in Computer Science or related technical field AND 8+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C, Java, JavaScript, Rust, Go, or Python - OR Master's Degree in Computer Science or related technical field AND 6+ years technical engineering experience OR equivalent experience
- 6+ years of experience designing, building, and shipping production backend services, platforms, or data pipelines.
- Hands-on experience with software supply chain security and open-source package ecosystems (e.g., npm, PyPI, NuGet, Maven, Cargo), including dependency, vulnerability, or malware analysis.
- Experience with program analysis techniques — static and dynamic analysis, sandboxing/detonation, deobfuscation, or behavioral analysis — to determine what code actually does.
- Experience building and operating large-scale scanning, detection, or data-processing pipelines in the cloud (Azure preferred).
- Familiarity with supply chain integrity frameworks and standards such as SBOM, SLSA, provenance, and artifact signing (e.g., Sigstore).
- Demonstrated security background — threat detection, malware/vulnerability research, EDR/antivirus, or other security-sensitive software.
- Experience integrating with developer tools
#MSFTSecurity
Software Engineering IC5 - The typical base pay range for this role across the U.S. is USD $142,800.00 - $274,800.00 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000.00 - $304,200.00 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about **requesting accommodations.**