CoreAI is looking for a software engineer to contribute to the Open-Source Security and Tools team, which is responsible for ensuring the security and developer experience of open-source components used by Microsoft engineers. The goal is to build and support the engineering system that powers Microsoft's development of software, particularly in the context of Generative AI.
Requirements
- 6+ months of experience using AI-assisted development tools (e.g., GitHub Copilot, or similar) to enhance productivity and code quality.
- 1+ year of experience with packaging ecosystems (packages, tools, protocols) such as NPM, PyPI, NuGet, Maven.
- 1+ year of experience with software security, including threat modeling, isolation, integrity checking, and certificates.
- 1+ years of experience with RDBMS and/or NoSql databases.
- coding in languages including, but not limited to, C, C++, C-Sharp, Java, JavaScript, or Python
- experience using AI-assisted development tools (e.g., GitHub Copilot, or similar) to enhance productivity and code quality.
- experience with packaging ecosystems (packages, tools, protocols) such as NPM, PyPI, NuGet, Maven.
Responsibilities
- developing scalable distributed services scanning package managers like npm, NuGet and PyPi
- collaborating with security teams
- integrating new policies and scanners in our system
- building a variety of tools that help Microsoft engineers consume and build open-source software that’s secure
- supporting customers and the production services
- Creates and implements code for a product, service, or feature, reusing code as applicable.
- Acts as a Designated Responsible Individual (DRI) working on-call to monitor system/product feature/service for degradation, downtime, or interruptions and gains approval to restore system/product/service for simple problems.
Other
- Works with appropriate stakeholders to determine user requirements for a set of features.
- Contributes to the identification of dependencies, and the development of design documents for a product area with little oversight.
- Contributes to efforts to break down larger work items into smaller work items and provides estimation.
- Remains current in skills by investing time and effort into staying abreast of current developments that will improve the availability, reliability, efficiency, observability, and performance of products while also driving consistency in monitoring and operations at scale.
- Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.
