What you'd actually do

Develop and ship agentic AI-powered security features that protect users from threats such as prompt injection, adversarial manipulation, and abuse of agentic workflows.

Implement secure orchestration frameworks that enable Copilot to safely delegate, coordinate, and execute actions across devices, services, and platforms.

Invent and apply new intelligent agents that leverage information flow analysis and apply common sense and judgement guardrails for security and privacy.

Collaborate with product, engineering, security, privacy, and AI teams to adopt agentic security patterns and best practices across Copilot and MAI.

Monitor key metrics for agentic AI security and innovation, using data-driven insights to improve defenses and enablement.

Skills

Required

Bachelor's Degree in Computer Science or related technical field AND 4+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
equivalent experience

Nice to have

3+ years in technical engineering roles building large-scale services.
Hands-on experience designing and operating security-critical or AI-powered systems at scale, including agentic AI, secure orchestration, or advanced threat defenses.
Proven ability to design, build, and ship agentic AI features or frameworks
Ability to clearly explain complex systems and security concepts to technical and non-technical stakeholders and influence cross-org roadmaps.
Agentic AI Development & Orchestration: Experience building production agent systems using frameworks such as LangGraph, Amazon Strands SDK, or similar platforms; familiarity with agentic design patterns including tool calling, multi-agent coordination, and secure delegation patterns
Hands-on experience with distributed training frameworks (Ray, Slurm, HPC), containerization and orchestration technologies (Docker, Kubernetes) for ML model deployment, and ML lifecycle management in production environments
Experience designing evaluation frameworks for LLM-based applications and implementing observability for agent systems using tools such as Phoenix, MLFlow, LangFuse, or custom eval harnesses; understanding of AI safety evaluation methodologies including adversarial testing and red-teaming
Experience integrating with Azure AI services, Azure OpenAI Service, or Microsoft security platforms (Azure AD, Defender, Purview)
Track record of mentoring less experienced engineers, driving adoption of standards and best practices across teams, and influencing technical roadmaps while balancing innovation velocity with fundamentals

What the JD emphasized

agentic AI

security features

orchestration frameworks

threats such as prompt injection, adversarial manipulation, and abuse of agentic workflows

secure orchestration frameworks

intelligent agents

guardrails for security and privacy

agentic security patterns and best practices

agentic AI security and innovation

agentic AI features or frameworks

agentic AI Development & Orchestration

agentic design patterns including tool calling, multi-agent coordination, and secure delegation patterns

AI safety evaluation methodologies including adversarial testing and red-teaming

Overview

About the Team

Copilot Security is at the core of Microsoft’s mission to deliver trusted, human-centered AI experiences. We make security and resilience intrinsic to every Copilot interaction across devices, platforms, and ecosystems. Our work spans secure identity flows, defenses against emerging threats like prompt injection, and privacy-first systems that scale globally.

About the Role

Copilot for consumers is entering a new era of agentic AI, where intelligent agents act on behalf of users across Windows, Edge, web, mobile, and third-party products. We’re seeking a Senior Software Engineer to help develop security features and solutions that harness agentic AI to protect customers and enable new capabilities in Copilot. You’ll contribute to designing and building AI-powered defenses, secure orchestration frameworks, and enabling technologies that empower Copilot to act safely and responsibly at scale. This role is ideal for engineers who are passionate about applying technical skills to solve security challenges and build systems that balance innovation with trust.

Why This Role Matters

Your work will directly shape how hundreds of millions of users experience safe, trustworthy, and innovative AI. You’ll be at the forefront of defining how agentic AI can proactively defend users, mitigate emerging threats, and unlock new secure scenarios, making a global impact on Microsoft’s most transformative products.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Starting January 26, 2026, MAI employees are expected to work from a designated Microsoft office at least four days a week if they live within 50 miles (U.S.) or 25 miles (non-U.S., country-specific) of that location. This expectation is subject to local law and may vary by jurisdiction.

Responsibilities

Develop and ship agentic AI-powered security features that protect users from threats such as prompt injection, adversarial manipulation, and abuse of agentic workflows.
Implement secure orchestration frameworks that enable Copilot to safely delegate, coordinate, and execute actions across devices, services, and platforms.
Invent and apply new intelligent agents that leverage information flow analysis and apply common sense and judgement guardrails for security and privacy.
Collaborate with product, engineering, security, privacy, and AI teams to adopt agentic security patterns and best practices across Copilot and MAI.
Monitor key metrics for agentic AI security and innovation, using data-driven insights to improve defenses and enablement.
Document secure agentic AI patterns, ensuring they address novel risks, support safe delegation, and enable responsible orchestration of actions.

Qualifications

Required Qualifications:

Bachelor's Degree in Computer Science or related technical field AND 4+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
- OR equivalent experience.

Preferred Qualifications:

3+ years in technical engineering roles building large-scale services.
Hands-on experience designing and operating security-critical or AI-powered systems at scale, including agentic AI, secure orchestration, or advanced threat defenses.
Proven ability to design, build, and ship agentic AI features or frameworks
Ability to clearly explain complex systems and security concepts to technical and non-technical stakeholders and influence cross-org roadmaps.
Agentic AI Development & Orchestration: Experience building production agent systems using frameworks such as LangGraph, Amazon Strands SDK, or similar platforms; familiarity with agentic design patterns including tool calling, multi-agent coordination, and secure delegation patterns
Hands-on experience with distributed training frameworks (Ray, Slurm, HPC), containerization and orchestration technologies (Docker, Kubernetes) for ML model deployment, and ML lifecycle management in production environments
Experience designing evaluation frameworks for LLM-based applications and implementing observability for agent systems using tools such as Phoenix, MLFlow, LangFuse, or custom eval harnesses; understanding of AI safety evaluation methodologies including adversarial testing and red-teaming
Experience integrating with Azure AI services, Azure OpenAI Service, or Microsoft security platforms (Azure AD, Defender, Purview)
Track record of mentoring less experienced engineers, driving adoption of standards and best practices across teams, and influencing technical roadmaps while balancing innovation velocity with fundamentals

#MicrosoftAI

Software Engineering IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about **requesting accommodations.**