Do you have a passion for Cyber Security and excitement about impacting some of the largest and most complex security challenges Microsoft is involved with today in hosting petabytes of business-critical customer data? We're looking for a Security Incident Response Manager with the right mix of technical depth, engineering background, on-line services experience and collaboration skills to help grow and protect Office 365 cloud services.
Microsoft 365 is at the center of Microsoft's cloud first, devices first strategy, bringing together cloud-hosted offerings of our most trusted communications and collaboration services (like Exchange, SharePoint, Teams, and more!) with our cross-platform desktop and mobile clients. Our customers depend on our services to achieve success in their organizations, whether it be a Fortune 100, small business, non-profit, or educational institution. You pass by dozens of our customers on your drive to work every day! Our customers trust us with their most critical data, and we honor that trust with continuous investment and improvement in the security of our services.
As a Service Engineer, you will provide coordination and leadership during information security incidents for Microsoft's Experiences and Devices division. Your passion will show as you step into a crisis and lead teams to a successful resolution. You will be responsible for ensuring that established processes are followed, decision points are documented, all relevant parties are engaged and understand the mission, and that customers and executives are up to date. You will also participate in required meetings and activities to discuss incidents, facilitate discussion around trends and early warning indicators, and help design solutions to emerging threats. M365 Security is a fast-paced team that constantly provides new opportunities to learn and grow.
This role requires verification of US Citizenship to meet federal government security requirements.
Candidates must have a current active Top Secret Clearance or above.
Candidates must be willing and able to upgrade to TS/SCI clearance with Full Scope Polygraph.
This role will require the successful candidate to maintain the TS/SCI with Full Scope Polygraph.
Must pass the Microsoft Cloud background check upon hire or internal transfer and every two years thereafter.
Bachelor's degree or an additional 4 years direct industry experience
4+ years hands-on experience in security investigations, threat detection & analysis, security program management, and/or incident response.
An ability to work well under pressure while maintaining a professional image and approach.
Experience with security events (including large-scale breaches) is a must.
Strong working knowledge of security controls such as encryption, AuthN/AuthZ, PKI, HIDS, NIDS, etc.
Awareness of modern security related subjects and trends such as threat hunting and modeling, digital forensics, reverse engineering, phishing, and penetration testing.
Ability to work collaboratively with engineering teams to drive architectural changes that improve the stability and security of each environment.
Demonstrated success in dealing with ambiguity and problem definition under timeline constraints.
Strong comprehension of security trends and emerging threats to calculate risk and drive proper courses of action towards incident remediation.
Prior experience working with the US Government or US Department of Defense
Experience with cloud-hosted services, web-based applications, and server/service management features
Demonstrated ability to understand and communicate technical details with varying levels of management
Relevant industry certifications are a definite plus! (CISSP, Cisco, GIAC, etc.)
Strong scripting and/or coding skills (PowerShell, Python, C#, etc.)
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
In this exciting role, you will:
Analyze potential security issues and develop investigation and resolution plans
Facilitate implementation of established plans and procedures
Communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
Rapidly react to changing situations and develop new plans based on recent discoveries
Drive enhancements at every level of the OSI model to improve detection, response, and remediation
Coordinate with internal and external business partners and security teams at a deeply technical level