Core Services Engineering builds and manages the critical products and services that Microsoft runs on. We boldly pursue big ideas that power transformational advances at Microsoft and for our customers, while helping Microsoft teams work smarter, faster and more securely every day. Core Services Engineering employees have deep technical and business expertise, customer insights, and a clear point of view that comes from first-hand, large-scale experience with Microsoft and industry solutions. We are engineers, technology leaders and experts, digital transformation change agents, and customer advocates. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!

The Digital Security and Risk Engineering (DSRE) team is looking for a seasoned and dynamic person to thrive in a Security Analyst role focusing on detection & response to threats against the Microsoft Core Services Engineering (CSE) environment. This person will have the opportunity to work on technology and processes with a global reach. The data that is produced will be used to drive security efforts at the highest levels within the company. This role is an integral part of the security controls that Microsoft CSE uses to protect its data and intellectual property.

Microsoft Core Services and Engineering is for IT and business technology professionals who want to be strategic partners to the business and be the first place to create innovative solutions using all of Microsoft’s products and services. Microsoft Core Services and Engineering provides career growth opportunities, a rewarding and flexible work environment so you can better integrate professional and personal life. Inspiring what’s next, Microsoft Core Services and Engineering employees make global impact on thousands of customers and thousands of employees who use Microsoft software and services.
We provide Digital Security and Risk Engineering. And we’re kind of a big deal.
- Review security events and alerts, vulnerability and configuration data, and other information from the Core Services Engineering (CSE) environment, combined with intelligence, to identify potential & active threats to systems & data.
- Analyze and respond to attacks reported from multiple sources both internal and external.
- Correlate network and host logs to determine entry point of compromises, impact to affected services, and identification of mitigation measures to contain/prevent the threat
- Perform discovery and retrospective analysis focused on Advanced Persistent Threat (APT) tactics, techniques, and procedures
- Collaborate with security partners and threat intelligence teams to derive indications and warnings of impending threat
- Conduct malware analysis of identified malicious code for implementing enhanced protection/detection mechanisms for the threat
- Keep up to date on emerging vulnerability and threat trends, using this knowledge to drive proactive threat monitoring.
- Participate in creating innovative ways to use a wide range of security event data to advance detection methods
- Develop efficiencies for the Security Operations Center through scripting and automation of existing tools/processes.
- Mentor and develop junior analysts
- 3 years experience in security analysis, incident response, and analyzing a wide variety of network and host security logs to detect and resolve security issues
- 3 years experience with common security operations systems (i.e. Intrusion Detection Systems (IDS), Security Incident Event Management systems (SIEM), anti-virus, log collection systems, etc.).
- BA/BS in Computer Science, MIS, or related field
- 2+ years experience with advanced analysis techniques for the purpose of adversary hunting and root cause analysis of cyber breaches
- 2 years experience with reverse engineering and malware analysis
- Ability to deal with the ambiguity associated with working in a fast-paced and changing environment
- Background in threat intelligence and digital forensics a plus
- Excellent interpersonal and group dynamic skills.
- Strong written and verbal communication skills.
- Ability to manage and deliver multiple project phases at the same time
- Familiarity with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, GLBA, etc.
- SANS Certifications, CISSP
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.