{"id":1866,"date":"2025-09-29T13:23:15","date_gmt":"2025-09-29T13:23:15","guid":{"rendered":"https:\/\/shreyapohekar.com\/blogs\/?p=1866"},"modified":"2025-09-29T13:23:18","modified_gmt":"2025-09-29T13:23:18","slug":"landing-a-microsoft-cybersecurity-role-my-journey-and-tips-for-aspiring-security-professionals","status":"publish","type":"post","link":"https:\/\/shreyapohekar.com\/blogs\/landing-a-microsoft-cybersecurity-role-my-journey-and-tips-for-aspiring-security-professionals\/","title":{"rendered":"Landing a Microsoft Cybersecurity Role: My Journey and Tips for Aspiring Security Professionals"},"content":{"rendered":"\n

<\/p>\n\n\n\n

If someone had told me a few years ago that I\u2019d be working in cybersecurity at Microsoft, I probably wouldn\u2019t have believed them. My path wasn\u2019t straightforward or glamorous\u2014it was messy, full of late nights small wins, rejections, and unexpected turns. But every step, from writing code at TCS to triaging bugs at HackerOne, added up and eventually brought me here.<\/p>\n\n\n\n

This blog is my attempt to share the story behind that journey\u2014what it\u2019s really like, the things people don\u2019t see, and the lessons that helped me along the way. <\/p>\n\n\n\n

You might be on a journey similar to mine\u2014dreaming of breaking into the world of cybersecurity and landing a role at your dream company. Through this blog, I want to share my experiences, lessons, and the challenges I faced so that freshers and aspiring professionals in infosec can find guidance, avoid common mistakes, and feel a little less alone in the process. If you\u2019re just starting out, I hope my story helps you shape your own path and gives you the confidence to keep moving forward.<\/p>\n\n\n\n

When people hear I landed at Microsoft, they usually think of the shiny part. What they don\u2019t see are the hours I spent after work brushing up on fundamentals, or the number of interviews I didn\u2019t crack.<\/p>\n\n\n\n

There were moments of imposter syndrome and doubts about whether I was good enough. But those quiet struggles were just as important as the visible milestones. They taught me resilience and discipline, which, honestly, mattered as much as technical skills.<\/p>\n\n\n\n

How It Feels to Work in Security at Microsoft<\/h2>\n\n\n\n

From the outside, working at Microsoft feels like a dream: cutting-edge technology, a massive impact, and some of the brightest minds in the field. And yes, it\u2019s all of that. But what I\u2019ve realized is that it\u2019s not just about \u201chacking cool stuff.\u201d<\/p>\n\n\n\n

A lot of my day is about collaboration, design discussions, reviewing processes, and enabling developers to ship products securely. Security here isn\u2019t just about breaking\u2014it\u2019s about building trust. That responsibility feels big, but it\u2019s also incredibly motivating.<\/p>\n\n\n\n

<\/p>\n\n\n\n

How my career progression helped me<\/h2>\n\n\n\n

If I had to pick one word that defined my journey, it would be exposure<\/em>.<\/p>\n\n\n\n

At TCS<\/strong>, I got exposed to development. I learned how products are built, why deadlines matter, and how developers think.I had done multiple dev projects in my college but a corporate experience with dev did add a real value. It gave me empathy for engineers. I started to understand why certain security fixes feel \u201chard\u201d from their side, and why balancing functionality and safety is tricky. That mindset has been invaluable in my security career. It gives you a lot of perspective that now help me connect better with engineers when discussing security issues.<\/p>\n\n\n\n

At HackerOne<\/strong>, the exposure was different\u2014it was raw, fast, and very real. Triage meant I was looking at hundreds of vulnerability reports, reproducing them, figuring out impact, severity and communicating with both researchers and clients. Imagine dealing with bugs on criical customer’s platforms\u2014it was high pressure, intense, and at times overwhelming, but it taught me speed, precision, and perspective, different techniques to approach a bug.<\/p>\n\n\n\n

That combination\u2014building systems and breaking them\u2014became the foundation for my next leap.<\/p>\n\n\n\n

The Microsoft Interview Experience<\/h2>\n\n\n\n

I can\u2019t dive into every tiny detail, but here\u2019s a look at my overall experience going through the Microsoft interview process.<\/p>\n\n\n\n

Interviewing at Microsoft was nerve-wracking. I had my share of \u201cwhat if I mess this up?\u201d moments. The process tested me on fundamentals, problem-solving, and how I\u2019d approach real-world scenarios.<\/p>\n\n\n\n

Some rounds felt smooth, others left me replaying answers in my head for days. But what stood out was that it wasn\u2019t just about \u201ccan you exploit this vulnerability?\u201d It was about how I think<\/em>\u2014how I\u2019d secure a system, how I\u2019d balance risks, how I\u2019d work with others.<\/p>\n\n\n\n

Walking out of those interviews, I realized something: preparing only for technical questions isn\u2019t enough. You need to prepare to think like a security engineer at scale.<\/p>\n\n\n\n

The Team<\/h2>\n\n\n\n

When I joined my team, the first thing I noticed was how diverse everyone\u2019s strengths were. Some were experts in cloud, others in offensive techniques, some in automation or product security. No one pretended to know everything.<\/p>\n\n\n\n

The best part? The openness. People share, teach, and learn from each other. Coming from environments where knowledge was sometimes siloed, this was refreshing. It makes you feel less like \u201cthe new person\u201d and more like part of a collective brain.<\/p>\n\n\n\n

The Culture<\/h2>\n\n\n\n

Coming from a company like HackerOne, I realized early on that culture was something I couldn\u2019t compromise on. The way a company treats its employees, encourages growth, and fosters collaboration matters just as much as the work itself. When I joined Microsoft, I was pleasantly surprised\u2014its culture has truly been at par with, and in many ways even exceeded, my expectations.<\/p>\n\n\n\n

From day one, I felt welcomed and supported. There\u2019s a genuine emphasis on work-life balance, learning, and open communication. People are approachable, mentorship is encouraged, and knowledge-sharing isn\u2019t just a buzzword\u2014it\u2019s practiced every day. I\u2019ve loved being part of an environment where your contributions are valued, your growth is prioritized, and the culture genuinely feels employee-friendly. It makes showing up to work exciting, not just because of the projects, but because of the people and environment around you.
<\/p>\n\n\n\n

The Perks<\/h2>\n\n\n\n

One of the things I absolutely love about working at Microsoft are the perks that make everyday life so much better. The campus itself is designed to keep you inspired, with collaborative spaces, wellness programs, and flexibility that really helps with work-life balance. But if I had to pick a favorite, it would definitely be the food. The cafeterias offer an incredible variety\u2014everything from healthy options to comfort food\u2014and it feels like you\u2019re spoiled for choice every single day. It may sound small, but great food and thoughtful perks really do make a difference in creating an environment where you look forward to coming to work.
Here are few pics from my gallery.<\/p>\n\n\n\n

\n
\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n<\/figure>\n\n\n\n


On a lighter note, I also picked up a new hobby at Microsoft\u2014Table Tennis\u2014which has quickly become one of my favorite ways to unwind and recharge between work sessions!<\/p>\n\n\n\n

What I\u2019ve Learned So Far<\/h2>\n\n\n\n

Some lessons stand out from this journey:<\/p>\n\n\n\n

    \n
  • Communication matters.<\/strong> Finding a bug is only step one. Explaining it clearly and helping fix it is where you create real value.<\/li>\n\n\n\n
  • You\u2019ll never be \u201cdone.\u201d<\/strong> The learning curve never flattens. And that\u2019s a good thing.<\/li>\n\n\n\n
  • Security is about enabling.<\/strong> The best security folks don\u2019t just block\u2014they help teams ship safely.<\/li>\n<\/ul>\n\n\n\n
    \n\n\n\n

    For Anyone Wanting to Land a Security Role at Microsoft
    <\/h2>\n\n\n\n

    I often hear from college students and freshers asking me how I made the jump from being a developer to working in security. I thought this section would be the perfect place to share my story.<\/p>\n\n\n\n

    When I was a developer, I never really let go of security. I worked on side projects that kept my security knowledge sharp, and whenever I developed a feature, I\u2019d naturally look at it from a security perspective\u2014even though nobody at my job ever asked me to. I also submitted papers to security conferences and built connections with people who had 10\u201315 years of experience in the field. Most of this happened because I made it a point to attend security meetups and conferences, meeting people face-to-face.<\/p>\n\n\n\n

    I know a lot of students think breaking into security as a fresher is almost impossible\u2014and honestly, I get it. The job market is tough. Freshers openings are limited, and companies often look for a certain level of corporate experience or certifications.<\/p>\n\n\n\n

    But here\u2019s one pathway that worked for me, and I think it can help anyone feeling stuck.<\/p>\n\n\n\n

    If you enjoy building things or have a development background, start by getting into a company via a development role. Work there for some time, but keep one eye on security. Try to find opportunities for an internal switch into a security team. Alongside, keep your \u201cside hustle\u201d alive\u2014do bug bounties, CTFs, or labs on platforms like HTB. This way, you build experience in both worlds: development and security. Eventually, that combination can open doors to core security roles and help you land at your dream companies.<\/p>\n\n\n\n

    If you\u2019re on this journey too, here\u2019s what I\u2019d say:<\/p>\n\n\n\n

      \n
    • Build strong fundamentals in OS, networking, cloud, and web security.<\/li>\n\n\n\n
    • Get practical exposure\u2014bug bounties, labs, side projects, whatever works for you.<\/li>\n\n\n\n
    • Learn to think like a developer, not just a hacker.<\/li>\n\n\n\n
    • Practice communicating clearly. You\u2019ll need it every day.<\/li>\n\n\n\n
    • Prepare for interviews with scenarios, not just technical trivia.<\/li>\n\n\n\n
    • Put yourself out there\u2014blog, contribute, connect.<\/li>\n\n\n\n
    • And most importantly: be patient. It might take multiple tries, but every attempt builds you up.<\/li>\n<\/ul>\n\n\n\n

      Wrapping Up<\/h2>\n\n\n\n

      For me, this journey wasn\u2019t about one \u201cbig break.\u201d It was about all the small steps: coding at TCS, triaging at HackerOne, late-night study sessions, failed interviews, and countless learnings along the way.<\/p>\n\n\n\n

      Landing at Microsoft is a milestone I\u2019m proud of, but what I value more is the process it took to get here. If you\u2019re chasing the same dream, my only advice is\u2014keep at it. Focus on learning, building, and enjoying the journey. The rest will follow!!<\/p>\n\n\n\n

      That’s all for this post. See you in the next one. Until then, keep striving!!<\/p>\n","protected":false},"excerpt":{"rendered":"

      If someone had told me a few years ago that I\u2019d be working in cybersecurity at Microsoft, I probably wouldn\u2019t have believed them. My path wasn\u2019t straightforward or glamorous\u2014it was messy, full of late nights small wins, rejections, and unexpected turns. But every step, from writing code at TCS to triaging bugs at HackerOne, added […]<\/p>\n","protected":false},"author":1,"featured_media":1876,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[2,225],"tags":[462,100,461,452],"class_list":["post-1866","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-information-security","category-interview","tag-application","tag-infosec","tag-jobs","tag-security","entry","has-media"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/posts\/1866"}],"collection":[{"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/comments?post=1866"}],"version-history":[{"count":2,"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/posts\/1866\/revisions"}],"predecessor-version":[{"id":1877,"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/posts\/1866\/revisions\/1877"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/media\/1876"}],"wp:attachment":[{"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/media?parent=1866"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/categories?post=1866"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/shreyapohekar.com\/blogs\/wp-json\/wp\/v2\/tags?post=1866"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}