The Microsoft Security Response Center (MSRC) seeks a motivated and experienced Senior Security Engineer with a passion for detection and response to join our Enterprise Security Operations Center (SOC). As part of this dynamic and high-impact team, you will work closely with other cloud and security experts across the company to investigate threats against our enterprise environment.
In this role, you will focus on conducting detailed and comprehensive security investigations, drive security incidents to closure, partner with Microsoft security product teams to improve capabilities and contribute to countless other projects that enhance the security and scalability of our detection and response services.
We handle active security incidents and respond to threats from a variety of sources. This position requires that you work a rotational weekday and weekend shift schedule. Though schedule changes are not frequent, you will need to have flexibility to accommodate changes as needed.
Responsibilities
• Conduct detailed comprehensive analysis and investigation on a wide variety of security events.
• Implement containment and mitigation processes, and drive incidents to closure.
• Collaborate with Microsoft security product and business groups to improve detections and product experience.
• Participate in projects designed to continuously improve service functions.
• Continuously fine-tune our detection pipeline to reduce false positives.
• Research and stay updated on emerging trends, tactics, techniques, and procedures (TTPs) of threat actors.
• Provide guidance and training to internal and partner team members on best practices for enterprise and cloud security.
Qualifications
Required Qualifications
5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
3+ years of experience in security operations, detection engineering or incident response
2+ years of experience with cloud platforms
Other Requirements
Citizenship & Citizenship Verification: This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport, or other approved documents, or verified US government clearance.
Microsoft Cloud Background Check. This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Preferred Qualifications
Experience with cloud platforms, such as Azure, AWS, or Google Cloud, and their security features and services.
Proficient in using various security investigation tools and platforms, such as Microsoft Sentinel, Microsoft Defender for Endpoint and Defender for Cloud
Experience in network and host-based forensics, malware analysis, and reverse engineering
Experience conducting investigations involving the collection and analysis of data
Ability to perform data analysis and visualization using tools such as Kusto, Azure Data Explorer, Splunk, ELK, Tableau, or Power BI
Solid understanding of common cybersecurity frameworks such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK
Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $112,000 - $218,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $145,800 - $238,600 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html).