Responsibilities (Text Only)
This role is part of a collaborative team, assisting our customers with:
1. Performing deep analysis of attacker activity in on-premises and cloud environments
2. Identifying potential threats to enable proactive defense before incidents occur
3. Notifying customers about imminent attacker activity
4. Providing recommendations to improve cybersecurity posture and performing threat intelligence knowledge transfer
5. Building proof-of-concept and prototype threat hunting tools, automations, and capabilities
6. Driving product and tooling improvements by sharing insights from threat hunting and incident response with engineering teams
7. Identifying, prioritizing, and targeting complex security issues impacting customers and driving adoption of mitigations
8. Synthesizing research findings into mitigation recommendations and sharing across teams to foster change
Qualifications (Text Only)
Required qualifications include:
1. Bachelor's degree in Computer Science, Engineering, or related experience
2. Proven knowledge of security fundamentals across Microsoft platforms (Client, Server, Cloud)
3. Strong understanding of malware and the modern threat landscape, especially identity-based attacks
4. Excellent communication skills, both oral and written
5. Critical thinking skills and willingness to learn new concepts and technologies
6. Familiarity with SQL or Kusto Query Language (KQL), and threat hunting automations
7. Experience with forensic analysis tools and security solutions
8. Knowledge of Windows internals, Linux/macOS forensic analysis, and third-party cybersecurity solutions
9. Certifications such as Azure, CISSP, SANS GIAC, etc., are advantageous
10. The candidate must be able to obtain or have Security Check (SC) or Developed Vetting (DV) clearance as required
If you are passionate about strengthening customer security, this role offers a promising future within Microsoft's Global Hunting Oversight and Strategic Triage team.
Microsoft is an equal opportunity employer. For accommodations due to disability, please contact us through the provided form.
#J-18808-Ljbffr