Microsoft Azure Storage is evolving and scaling its product to power mission-critical workloads across AI, analytics, and enterprise data. The security, reliability, and performance of the storage front-end layer are becoming increasingly critical due to exponential growth in data, models, and compute. The Azure Storage Front End Security Platform team is building a platform to protect and accelerate every API call across Azure Storage, ensuring the trust and safety of data fueling AI workloads.
Requirements
- coding in languages including, but not limited to, C, C++, C-Sharp, OR Java, JavaScript, or Python
- experience with distributed systems and large-scale storage
- experience with multi-threaded or parallel programming
- Representational State Transfer (REST) Application Programming Interface (API) knowledge, including understanding the difference between a POST and a PATCH and the reasons for Hypertext Transfer Protocol (HTTP) status codes 409 and 412.
- excellence in software engineering practices, coding with a solid foundation in data structures and algorithms, strong testing, debugging, and analytical skills
- disciplined approach to reliability, performance, and architecture
- integrating cutting-edge technologies in identity federation, service-to-service trust, and role-based access control (RBAC) and attribute-based access control (ABAC).
Responsibilities
- Design and deliver the core services that make Azure Storage secure, performant, and AI-ready.
- Build and ship mission-critical features in the authentication, authorization, encryption, and network security layers that protect data for some of the world’s most important workloads — from enterprise data lakes to generative AI pipelines.
- Architect scalable, globally distributed systems that handle billions of secure API calls per day with microsecond-level latency and mission-critical reliability.
- Collaborate with security, AI, and infrastructure teams across Microsoft to co-design the next generation of intelligent storage front ends — enabling capabilities like fine-grained access control, vector-aware policy enforcement, and hardware-accelerated encryption for AI data paths.
- Push the boundaries of zero-trust cloud security by integrating cutting-edge technologies in identity federation, service-to-service trust, and role-based access control (RBAC) and attribute-based access control (ABAC).
- Design for 100× scale growth, with evolving patterns like real-time inference, retrieval-augmented generation (RAG), and distributed training — all built on a secure foundation.
- Acts as a Designated Responsible Individual (DRI) and guides other engineers by developing and following the playbook, working on call to monitor system/product/service for degradation, downtime, or interruptions, alerting stakeholders about status and initiates actions to restore system/product/service for simple and complex problems when appropriate.
Other
- Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
- proven ability to plan, schedule, and deliver quality software
- personable and positive with high emotional intelligence
- driven to own cross-team initiatives and improvements to enhance Azure Storage.
