Microsoft
Join to apply for the
Principal Platform Security Architect
role at
Microsoft
The Azure Silicon Cloud Hardware Infrastructure and Engineering (SCHIE) team builds the foundation of the Microsoft Cloud. Our teams are responsible for server, silicon, and rack infrastructure design and development. Securing the fleet to enable our customers to achieve more is a fundamental priority for our business.
We are looking for a Principal Platform Security Architect to work on securing Azure infrastructure, both for the existing Azure fleet and for new hardware. The Platform Security Architect will design and implement security measures for hardware and firmware systems that power Azure today. The role involves creating security solutions, assessing security risks, identifying vulnerabilities, and establishing mitigations to ensure that Azure continues to be the world’s most secure cloud platform. The candidate will be familiar with industry‑standard security practices and have experience working at the intersection of silicon, hardware, firmware, operating systems, and services.
Responsibilities
Lead security assurance by running in‑depth security assessments and audits, uncovering hidden vulnerabilities, and shaping robust mitigation strategies that keep our platforms resilient against evolving threats.
Shape the future of cloud security by contributing directly to our Azure hardware and firmware security roadmap, collaborating with world‑class experts across Azure and our supplier ecosystem to drive next‑generation protections.
Be the architect of trust by creating comprehensive system threat models and partnering with cross‑functional teams to weave security into every layer and component of the platform.
Champion security by design, partnering with cross‑functional teams to embed security throughout the development lifecycle (SDL) and into the very foundation of our platform architecture.
Set the bar for trust, defining and evolving security policies, procedures, and standards that safeguard the Azure platform at scale.
Be on the front lines, collaborating with incident response teams to investigate security events, drive rapid remediation, and strengthen defenses.
Empower builders and operators by providing actionable security guidance to engineering and operations teams, ensuring secure innovation without slowing momentum.
Stay ahead of the curve by tracking cutting‑edge security trends, emerging threats, and breakthrough technologies to keep our platform one step ahead.
Embody our culture and values.
Qualifications Minimum Qualifications
Bachelor’s Degree in Computer Science or related technical field AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python (or equivalent experience).
6+ years of professional experience in hardware and firmware security.
Proficient understanding of hardware and firmware design principles and practices.
Experience with vulnerability assessment and penetration testing.
Other Requirements
Ability to meet Microsoft, customer, and/or government security screening requirements. These include, but are not limited to, the Microsoft Cloud Background Check, required upon hire or transfer and every two years thereafter.
Preferred Qualifications
Experience with hardware security modules (HSMs), secure boot, secure firmware updates, attestation, secure recovery, and secure debug workflows at scale.
Experience designing or implementing industry‑standard security protocols, including secure communications (TLS, HTTPS), cryptographic algorithms, public key infrastructure, and key management technologies.
SoC security – designing and securing silicon platforms at the heart of cloud‑scale systems.
Applied cryptography – from proven methods to tomorrow’s breakthroughs in post‑quantum crypto, building resilience against advanced adversaries.
Supply chain security – safeguarding trust from silicon fabrication to firmware deployment, ensuring end‑to‑end integrity across complex ecosystems.
Experience with C/C++ (Rust is a plus), Embedded Systems, Hardware peripherals, and Windows or Linux.
Proficient problem‑solving, analytical, written, and verbal communication skills.
Software Engineering IC5 – The typical base pay range for this role across the U.S. is USD $139,900 – $274,800 per year. For specific work locations, such as San Francisco Bay area and New York City metropolitan area, the base pay range is USD $188,000 – $304,200 per year.
Microsoft will accept applications for the role until November 17th, 2025.
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
#J-18808-Ljbffr
Principal Platform Security Architect
role at
Microsoft
The Azure Silicon Cloud Hardware Infrastructure and Engineering (SCHIE) team builds the foundation of the Microsoft Cloud. Our teams are responsible for server, silicon, and rack infrastructure design and development. Securing the fleet to enable our customers to achieve more is a fundamental priority for our business.
We are looking for a Principal Platform Security Architect to work on securing Azure infrastructure, both for the existing Azure fleet and for new hardware. The Platform Security Architect will design and implement security measures for hardware and firmware systems that power Azure today. The role involves creating security solutions, assessing security risks, identifying vulnerabilities, and establishing mitigations to ensure that Azure continues to be the world’s most secure cloud platform. The candidate will be familiar with industry‑standard security practices and have experience working at the intersection of silicon, hardware, firmware, operating systems, and services.
Responsibilities
Lead security assurance by running in‑depth security assessments and audits, uncovering hidden vulnerabilities, and shaping robust mitigation strategies that keep our platforms resilient against evolving threats.
Shape the future of cloud security by contributing directly to our Azure hardware and firmware security roadmap, collaborating with world‑class experts across Azure and our supplier ecosystem to drive next‑generation protections.
Be the architect of trust by creating comprehensive system threat models and partnering with cross‑functional teams to weave security into every layer and component of the platform.
Champion security by design, partnering with cross‑functional teams to embed security throughout the development lifecycle (SDL) and into the very foundation of our platform architecture.
Set the bar for trust, defining and evolving security policies, procedures, and standards that safeguard the Azure platform at scale.
Be on the front lines, collaborating with incident response teams to investigate security events, drive rapid remediation, and strengthen defenses.
Empower builders and operators by providing actionable security guidance to engineering and operations teams, ensuring secure innovation without slowing momentum.
Stay ahead of the curve by tracking cutting‑edge security trends, emerging threats, and breakthrough technologies to keep our platform one step ahead.
Embody our culture and values.
Qualifications Minimum Qualifications
Bachelor’s Degree in Computer Science or related technical field AND 6+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python (or equivalent experience).
6+ years of professional experience in hardware and firmware security.
Proficient understanding of hardware and firmware design principles and practices.
Experience with vulnerability assessment and penetration testing.
Other Requirements
Ability to meet Microsoft, customer, and/or government security screening requirements. These include, but are not limited to, the Microsoft Cloud Background Check, required upon hire or transfer and every two years thereafter.
Preferred Qualifications
Experience with hardware security modules (HSMs), secure boot, secure firmware updates, attestation, secure recovery, and secure debug workflows at scale.
Experience designing or implementing industry‑standard security protocols, including secure communications (TLS, HTTPS), cryptographic algorithms, public key infrastructure, and key management technologies.
SoC security – designing and securing silicon platforms at the heart of cloud‑scale systems.
Applied cryptography – from proven methods to tomorrow’s breakthroughs in post‑quantum crypto, building resilience against advanced adversaries.
Supply chain security – safeguarding trust from silicon fabrication to firmware deployment, ensuring end‑to‑end integrity across complex ecosystems.
Experience with C/C++ (Rust is a plus), Embedded Systems, Hardware peripherals, and Windows or Linux.
Proficient problem‑solving, analytical, written, and verbal communication skills.
Software Engineering IC5 – The typical base pay range for this role across the U.S. is USD $139,900 – $274,800 per year. For specific work locations, such as San Francisco Bay area and New York City metropolitan area, the base pay range is USD $188,000 – $304,200 per year.
Microsoft will accept applications for the role until November 17th, 2025.
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
#J-18808-Ljbffr