Overview

Copilot is becoming an agentic system: it can plan, reason, and take actions across tools, data, and services. Securing that kind of system requires more than traditional boundaries or static controls—it demands adaptive defenses, intelligent guardrails, and provable isolation that operate continuously at runtime.

Copilot Security and Privacy is responsible for building those capabilities directly into Copilot. Our work focuses on new security primitives for agentic AI, including real‑time intent validation, workload isolation with verifiable guarantees, AI‑driven guardrails, and offensive security techniques that model how intelligent systems fail under pressure.

We are hiring a Principal Security Engineer to help design and build these systems end‑to‑end. This is a hands‑on engineering role for someone who wants to ship production code into a globally deployed AI platform—developing adaptive defenses, agentic offensive security, and security architectures that scale with autonomy. The problems are technically deep, often unsolved, and central to making advanced AI systems deployable in the real world.

Most security roles focus on protecting existing systems. This role helps define the security architecture for systems that are still being invented.

You will work at the intersection of AI, security, privacy, and distributed systems—building defenses that enable safe autonomy rather than limiting innovation. If you want to shape how agentic AI is secured at global scale, this is a uniquely high‑impact opportunity.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Starting January 26, 2026, Microsoft AI (MAI) employees who live within a 50-mile commute of a designated Microsoft office in the U.S. or 25-mile commute of a non-U.S., country-specific location are expected to work from the office at least four days per week. This expectation is subject to local law and may vary by jurisdiction.

Responsibilities

• Design and build secure, high‑performance platform components that support Copilot’s agentic workflows across cloud and device environments.
• Develop novel security mechanisms for agentic AI systems, including real‑time intent validation, information‑flow controls, isolation boundaries, and abuse‑resistant orchestration.
• Eliminate entire classes of vulnerabilities by creating secure‑by‑default APIs, sandboxing layers, and hardened system interfaces.
• Build and operate offensive security tooling and agents that continuously probe Copilot’s autonomy, reasoning paths, and trust boundaries.
• Partner closely with AI researchers, platform engineers, and product teams to translate research and prototypes into production‑ready security features.
• Write high‑quality, well‑tested code across backend services, platform layers, and AI‑adjacent systems.
• Use telemetry, signals, and data‑driven analysis to detect abuse, anomalous agent behavior, and emerging threat patterns.
• Navigate ambiguity, make sound engineering tradeoffs, and ship iteratively in a fast‑paced product environment.
• Contribute to a culture of high ownership, technical excellence, and inclusive collaboration.

Qualifications Required Qualifications:

• Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years of experience OR Master’s Degree AND 4+ years of experience OR Bachelor’s Degree AND 6+ years of experience in security engineering, secure software development, large-scale computing, threat modeling, or applied security analytics, including experience designing or building systems to detect, prevent, or mitigate security threats, or equivalent experience.

Preferred Qualifications:

• Doctorate in Statistics, Mathematics, Computer Science, or related field AND 6+ years of experience OR Master’s Degree AND 5+ years of experience OR Bachelor’s Degree AND 6+ years of experience in security engineering, secure software development, large-scale computing, threat modeling, or applied security analytics, including experience designing or building systems to detect, prevent, or mitigate security threats, or equivalent experience.
• 8+ years of professional engineering experience.
• Solid coding skills in one or more of the following: C, C++, C#, Java, JavaScript, or Python.
• Demonstrated experience designing, building, and operating production systems at scale.
• Experience building or securing large‑scale distributed systems on cloud platforms such as Azure, AWS, or GCP.
• Familiarity with emerging attack classes against AI systems, including prompt‑based exploits, agent misbehavior, information‑flow vulnerabilities, or model‑assisted exfiltration.
• Proven ability to design system interfaces and abstractions that reduce misuse and prevent vulnerabilities by construction.
• Experience with AI platforms, LLM frameworks, or ML pipelines—or the ability to ramp up quickly.
• Background in sandboxing, isolation, container security, or trusted execution environments.
• Solid analytical skills, including working with telemetry, anomaly detection, or ML‑based security signals.
• Ability to decompose ambiguous, unsolved problems into practical engineering plans.
• Clear, effective communication skills across technical and non‑technical audiences.

MicrosoftAI #MAIDPS

Security Operations Engineering IC5 - The typical base pay range for this role across the U.S. is USD $139,900 - $274,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000 - $304,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process.