Application Security Engineer with Visa Sponsorship

About the Company

Microsoft is a global leader in software, services, devices, and solutions. Our mission is to empower every person and every organization on the planet to achieve more. We are driven by innovation, a commitment to diversity, and a passion for technology that changes the world. Join a team where you can make a real impact on a global scale.

Job Description

We are seeking a highly skilled and passionate Application Security Engineer to join our dynamic team in Reno, Nevada. This pivotal role involves safeguarding our applications throughout the entire Software Development Life Cycle (SDLC) from design to deployment. You will be instrumental in identifying, assessing, and mitigating security vulnerabilities, ensuring our products meet the highest standards of security and compliance. We are committed to building a diverse and inclusive workforce and offer comprehensive visa sponsorship for qualified international candidates eager to relocate and contribute their expertise to our innovative environment.

Key Responsibilities

• Conduct security architecture reviews and threat modeling for new and existing applications.
• Perform static application security testing (SAST), dynamic application security testing (DAST), and interactive application security testing (IAST) to identify vulnerabilities.
• Collaborate with development teams to implement secure coding practices and provide security-related guidance.
• Develop and maintain security policies, standards, and procedures for application development.
• Automate security testing processes and integrate security tools into the CI/CD pipeline.
• Participate in incident response activities related to application security breaches.
• Stay current with the latest security threats, vulnerabilities, and technologies.
• Provide mentorship and training to developers on application security best practices.

Required Skills

• 5+ years of experience in application security or a related field.
• Proficiency in programming languages such as Python, Java, C#, or Go.
• Strong understanding of web application vulnerabilities (OWASP Top 10) and mitigation techniques.
• Experience with security testing tools (e.g., Burp Suite, Nmap, Metasploit, SAST/DAST solutions).
• Familiarity with cloud security principles and practices (Azure, AWS, GCP).
• Solid knowledge of secure SDLC processes and methodologies.
• Excellent problem-solving skills and attention to detail.
• Ability to communicate complex technical information effectively.

Preferred Qualifications

• Bachelor's or Master's degree in Computer Science, Information Security, or a related technical field.
• Relevant security certifications (e.g., CISSP, CSSLP, OSCP, GWEB).
• Experience with container security (Docker, Kubernetes).
• Knowledge of compliance frameworks (GDPR, CCPA, HIPAA, PCI DSS).
• Experience with DevSecOps practices and integrating security into automated pipelines.

Perks & Benefits

• Comprehensive health, dental, and vision insurance.
• Paid time off and company holidays.
• 401(k) retirement plan with company match.
• Employee stock purchase program.
• Relocation assistance and full visa sponsorship.
• Professional development and training opportunities.
• On-site fitness center and wellness programs.
• Access to cutting-edge technology and innovation labs.

Apply Now