Responsibilities
1. Scope customer security incidents
2. Understand and identify indicators of attack and indicators of compromise
3. Analyse incident data from threat analytics tools
4. Collaborate with the Security and Threat Intelligence teams by providing indicators of compromise and samples of malware from the customer's environment
5. Coordinate a response to the security incident with other Microsoft security and consulting teams
6. Develop, document, and implement runbooks, capabilities, and techniques for Incident Response
7. Perform security triage and analysis on endpoint, server, and network infrastructure
8. Perform activities necessary for immediate containment and short-term resolution of incidents
9. Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities
10. Investigate root causes of complex security incidents
11. Maintain a high level of confidentiality
12. Participate in the on-call rotation as required
Qualifications
Required Qualifications:
1. Bachelor's degree in Computer Science, Information Technology (IT), or related field AND 5+ years of technical support, technical consulting, or IT experience, OR 7+ years of such experience, or equivalent experience
2. Minimum 2+ years Security Incident Response experience with recent operational security experience (SOC, Malware Analysis, IDS/IPS Analysis, threat analytics, Windows server, and endpoint security, etc.)
3. Minimum 2+ years Cloud investigations experience with Entra ID, Microsoft 365, and Microsoft Defender solutions
4. Minimum 2 years customer-facing experience
5. Experience supporting large and complex geographically distributed enterprise environments with 1000+ users
6. Minimum 1+ years of experience in Network Security Administration and/or Systems Administration with experience in Windows Server, Windows Client, and Active Directory Administration
7. Experience in Entra ID and Microsoft 365 management and troubleshooting
8. Experience with any Microsoft Defender solutions
9. Experience in Azure Identity management and troubleshooting
10. Kusto Query Language knowledge
11. Cloud experience with major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments
12. Automation skills (PowerShell, Python, Java, or similar language at beginner to intermediate level)
13. Preferred certifications (Microsoft Certifications, SANS GCIH, CISSP, CEH, AWS, etc.)
14. Preferred Bachelor's degree or higher in a technical field or relevant work experience
15. Experience in Linux and/or Mac administration
16. Ability to meet security screening requirements, including Microsoft Cloud Background Check
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration without regard to various protected characteristics. Reasonable accommodations are available for applicants with disabilities. Benefits and perks may vary depending on employment location and nature.