Gaming Senior Principal, Application & Product Security jobs in United States

Microsoft · 15 hours ago

Gaming Senior Principal, Application & Product Security

Microsoft is committed to ensuring that we develop and deploy our AI technologies in ways that uphold our AI principles and warrant people’s trust. The Gaming Senior Principal, Application & Product Security will be responsible for building the Developer Enablement pillar, driving initiatives to eliminate vulnerabilities, and ensuring a secure play experience for billions of players worldwide.

Agentic AI, Application Performance Management, Artificial Intelligence (AI), Business Development, DevOps, Information Services, Information Technology, Management Information Systems, Network Security, Software
Growth Opportunities
H1B Sponsor Likely

Responsibilities

Strategic Leadership for Developer Enablement: Define and execute the long-term roadmap for the Developer Enablement pillar, ensuring security integrates seamlessly into the high-velocity development cycles of game studios without impacting performance or release timelines
Elimination of Vulnerability Classes: Drive cross-organizational efforts to analyze recurring vulnerability trends and drive the systemic eradication of entire classes of vulnerabilities (e.g., XSS, Injection) through architectural changes rather than whack-a-mole bug fixing
Paved-Road Tooling Architecture: Architect and oversee the implementation of "paved road" security tooling and automation that integrates directly into CI/CD pipelines, making the secure path the easiest path for developers
Secure Code Library Management: Direct the development and maintenance of centralized, secure-by-default code libraries and SDKs (handling cryptography, authentication, etc.) for game teams to consume, reducing the cognitive load on developers
Root Cause Analysis & Feedback Loops: Establish rigorous root cause analysis processes for identified security defects and feed these insights back into the Software Development Life Cycle (SDLC) to update training, tooling, and policy
Security Champions Program: Support the recently launched "Security Champions" community embedded within individual game studios to scale security culture, ensuring peer-to-peer advocacy and rapid adoption of security practices
Scalable Threat Modeling: Collaborate with existing team members on the evolution of the threat modeling process by creating scalable, self-service frameworks and AI agentic capabilities that allow engineering teams to identify design-level flaws early in the pre-production phases
Metric-Driven Governance: Define, track, and report on Key Performance Indicators (KPIs) regarding code maturity and vulnerability reduction, translating technical data into risk insights for executive leadership
Cross-Domain Collaboration: Act as the primary bridge between the Central Security organization and Game Studio technical directors, ensuring security requirements are translated into actionable engineering backlog items
Innovation & AI Integration: Evaluate and implement emerging technologies (such as AI-driven code analysis or automated remediation) to modernize the application security portfolio and increase the speed of detection and fix

Qualification

Cybersecurity, Software Development Lifecycle, Threat Modeling, Secure Coding Practices, Programming Languages, Security Tools Integration, Root Cause Analysis, Stakeholder Management, Communication Skills, Project Management

Required

Doctorate in Statistics, Mathematics, Computer Science, or related field AND 5+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR equivalent experience
3+ years people management experience

Preferred

12+ years of experience in Cybersecurity, Software Engineering, or Product Security, with at least 5 years serving in a technical leadership capacity (Principal level or above), driving security strategy in large-scale environments
Proficiency in at least one modern programming language (e.g., C++, C#, Python, Go, or Rust) with a history of writing production-quality code or security automation tools
Proven track record of designing and implementing 'Shift Left' initiatives that integrate security tooling (SAST/DAST/SCA) directly into CI/CD pipelines (e.g., Azure DevOps, GitHub Actions, Jenkins) with minimal developer friction
Understanding of security technologies, tools, and best practices, including secure coding practices, application security frameworks, threat modeling, risk assessments, and incident response
Written and verbal communication with the ability to partner for success across all levels of the organization and varying technical depths
Customer-first, business-savvy, and holds a growth mindset to uphold our culture and values
Demonstrated experience and success in senior technical leadership roles, such as Application Security Leader or Product Security Leader, at global organizations of similar or greater scale
5+ years of experience building a modern application security program with a focus on shifting left to integrate security early into the SDLC process
Proven track record of promoting and collaborating with development teams on secure development, ensuring vulnerabilities are reduced through the utilization of resources such as secure code libraries
Proven track record of addressing security vulnerabilities through root cause analysis and the development of appropriate programs to drive successful remediation that eliminates vulnerability classes
Ability to translate complex technical information into strategic insights for technical leaders and simplify it for senior business leaders
Organizational, project management, communication, and stakeholder management skills with experience in developing, tracking, and reporting KPIs

Company

Microsoft

Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services.

H1B Sponsorship

Microsoft has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (9192)
2024 (9343)
2023 (7677)
2022 (11403)
2021 (7210)
2020 (7852)

Funding

Current Stage
Public Company
Total Funding
$1M
Key Investors
Technology Venture Investors
2022-12-09: Post-IPO Equity
1986-03-13: IPO
1981-09-01: Series Unknown · $1M

Leadership Team

Satya Nadella
Chairman and CEO
Vukani Mngxati
Chief Executive Officer - Microsoft South Africa
Company data provided by crunchbase