Applicants apply for Security Incident Responder

Job Description

Microsoft Digital builds and manages the critical products and services that Microsoft runs on. We boldly pursue big ideas that power transformational advances at Microsoft and for our customers, while helping Microsoft teams work smarter, faster, and more securely every day. Microsoft Digital Engineering employees have deep technical and business expertise, customer insights, and a clear point of view that comes from first-hand, large-scale experience with Microsoft and industry solutions. We are engineers, technology leaders and experts, digital transformation change agents, and customer advocates.We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our Digital Security and Resilience (DS&R) organization and we encourage you to apply to learn more!We are looking for an experienced security engineer to work in a highly collaborative, dynamic environment as part of the team responsible for security incident response at Microsoft. As a member of the incident response team, you will lead detailed investigations and analysis of security-related findings, alerts and events across the Microsoft Network. You will manage escalations and incidents in close coordination with teams across the Microsoft Cyber Defense Operations Center (CDOC), security product groups and services. You will have the opportunity to participate in security testing and simulated response.This work requires real-time problem solving, technical curiosity, judgement and excellent oral and written communications. Responsibilities include developing mitigation strategies, understanding root cause and developing repair items. You will perform technical analysis, document findings and recommendations, develop playbooks, provide timelines and deliver updates and other communications to audiences ranging from internal teams and executives to our most discerning internal businesses.#DSR
• Incident response lead for high impact cyber security incidents
• Triage events, escalations and incidents to determine remediation and resolution actions
• Coordinate appropriate response activities across teams or directly with stakeholders to rapidly remediate potential threats
• Develop playbooks to improve processes and information sharing across teams
• Initiative and project-related support to provide Security Operations and Incident Response perspective and subject matter expertise
• Contribute technical and process improvements within the team
• Participate in current operations, on call rotation. Which includes some after-hours responsibilities and escalations.
,
• Bachelor s Degree in computer science or Cyber Security, or 5+ years in an Information Security role (or an equivalent industry position)
• Demonstrated experience in computer security related disciplines, including but not limited to the following subject areas: software vulnerabilities and exploitation, host forensics, malware analysis, network traffic analysis, Insider Threat and web-focused security topics.
• Knowledgeable about modern security related subjects and trends, for example, Advanced Persistent Threat (APT), Spear Phishing, and credential compromise techniques
• Proven ability to drive large scale, high visibility projects with high collaboration and leadership
• Excellent judgment, decision making skills, and the ability to work under pressure
• Excellent written and oral communication skills
• Excellent presentation skills and experience of presenting to senior management
Preferred, not required:
• Experience with Cloud Computing and technology
• Experience with Unix/Linux, or work relating to OS internals or file level forensics
• CISSP or related GIAC certifications
Describe the ideal candidate (optional)The ideal candidate will have experience in a highly collaborative team environment, experience in a Security Operations Center or equivalent experience in enterprise scale services and platforms, technical depth in highly dynamic, complex environment.Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

Keyskills :
root causenetwork traffic analysissecurity incident response