What is Yammer?

Microsoft Yammer is the industry-defining social network for the enterprise. Millions of employees, including 85% of Fortune 500 companies use Yammer every day, to build community and culture, share knowledge, and connect with their leaders and each other.

Why Yammer?

Yammer was one of the first startup unicorns this past decade and was acquired by Microsoft in 2012. Today, this means we get the benefits of a startup - rapid innovation, cutting-edge technology, outsized individual impact - with the advantages of working for one of the most successful software companies in the world.We work togetherin small, cross-functional teams - engineers, product managers, designers, data scientists - to design, deliver and operate delightful end user experiences to our tens of millions of users spread across the world.

We’ve always been mission-driven; In this post-Covid world, Yammer has become even more indispensable than ever as employees have a deep need for connection and a sense of belonging. We’ve been growing rapidly and need your help to take Yammer to the next level.

You will have:

• Autonomy and freedom to innovate
• Choice of the best of open source and Microsoft-internal technology
• The ability to experiment, A/B test,and make data-driven decisions

• Tons of opportunityfor outsized impact as part of asmall but mighty team on arapidly-growingproduct needed now more than ever

At the same time, youalso have the benefits of working at a top-tier tech company like Microsoft:

• Compensation, benefits, and perks
• Internal resources, technology, and opportunities for learning and growth
• Brand and networking

• Opportunity for massive scale as part of a suite with hundreds of millions of users

About this job:

Our mission is to build trust with both external and internal customers, by building secure & compliant solutions. As a Yammer Security team member, you will be setting privacy and security controls and design requirements during the feature design & development stage of the software lifecycle. You will also help ensure that privacy and security across all aspects of the software is uniform by setting up checkpoints and reviews.

Our stack:

• Linux on Azure
• Java andRubymicro services, deployed as docker containers
• Graph QL,DropWizard, RailsREST APIs
• Postgres/CosmosDB/Kafka/RabbitMQ/Redisstorage andqueuing

• Mesos container orchestration,HAProxy-based service mesh
• Wavefront metrics, Azure Data Explorer log aggregation, PagerDuty alerting

Responsibilities

• Privacy and Security assessments of platform, data and clients, through code reviews, automation and security audits.
• Implementing privacy and security controls and checkpoints to detect and prevent issues early in the software development lifecycle.
• Work with engineering and product teams in the design phase of products and features, conducting threat modeling and performing security architecture and design reviews.
• Help engineering and product teams to understand compliance and privacy requirements.
• On-call support for security and privacy escalations.

Qualifications

Basic Qualifications

• 5+ Years of experience in application security engineering.
• Outstanding collaboration and partnership skills, with proven ability to drive results across teams.
• Experience with application security standards such as OWASP ASVS/Top 10, CWE 25.
• Familiarity with common security libraries, security controls, and common security flaws.
• Bachelor’s degree in Computer Science, Engineering, or equivalent work experience.

Preferred Qualifications/Attributes

• Understanding of privacy and compliance regulations such as GDPR, CPRA, SOC 2, ISO27k and others.
• Experience of privacy, compliance and security audits.
• Familiarity with web proxies such as Burp, OWASP ZAP or Fiddler.
• Development or scripting experience. Java, Ruby, Ruby On Rails, GraphQL, REST preferred.

#Nextplay

#Yammer

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.