With over 17,000 employees worldwide, the mission of the Customer Experience & Success (CE&S) organization is to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft’s products and services, ignited by our people and culture. Come join CE&S and help us build a future where customers achieve their business outcomes faster with technology that does more.Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft’s AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment.As a Senior Incident Response engineer, you will be an elite member of a customer-facing security support team leading incident response investigations for Microsoft’s enterprise customers. You have experience in analysing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents. You are familiar with collecting and analysing security incident related data to identify indicators of attack and compromise.In the Customer Service & Support (CSS) team, we are looking for people with a passion for delivering customer success. As a Senior Incident Response Engineer, you will own, troubleshoot, and solve highly complex customer technical issues. This role offers an opportunity to accelerate your career growth by honing your problem-solving, collaboration, research skills, and developing your technical proficiency.This role is flexible and allows you to work up to 100% from home.Microsoft’s mission is to empower every person and every organization on the planet to achieve more. We foster a growth mindset, innovate to empower others, and collaborate to achieve shared goals. Our culture is built on respect, integrity, and accountability, creating an inclusive environment where everyone can thrive.ResponsibilitiesScope customer security incidentsUnderstand and identify indicators of attack and indicators of compromiseAnalyse incident data from threat analytics toolsCollaborate with the Security and Threat Intelligence teams by providing indicators of compromise and malware samples from the customer’s environmentCoordinate incident response with other Microsoft security and consulting teamsDevelop, document, and implement runbooks, capabilities, and techniques for Incident ResponsePerform security triage and analysis on endpoint, server, and network infrastructurePerform activities for immediate containment and short-term resolution of incidentsMaintain current knowledge of the threat landscape, emerging security threats, and vulnerabilitiesInvestigate root causes of complex security incidentsMaintain confidentialityParticipate in the on-call rotation as requiredQualificationsRequired Qualifications:Bachelor's degree in Computer Science, Information Technology, or related field AND 5+ years of technical support, consulting, or IT experienceOR 7+ years of relevant experienceOR equivalent experienceMinimum 2+ years Security Incident Response experience with recent operational security experience (SOC, Malware Analysis, IDS/IPS, threat analytics, Windows server, endpoint security)Minimum 2+ years Cloud investigations experience with Entra ID, Microsoft 365, and Microsoft Defender solutionsMinimum 2 years customer-facing experienceExperience supporting large, geographically distributed enterprise environments (>1000 users)Minimum 1+ years in Network Security or Systems Administration, with experience in Windows Server, Windows Client, and Active DirectoryExperience with Entra ID and Microsoft 365 management and troubleshootingExperience with Microsoft Defender solutionsExperience in Azure Identity management and troubleshootingKusto Query Language knowledgeCloud experience with major providers, including security, networking, and migration in multi-cloud or hybrid environmentsAutomation skills (PowerShell, Python, Java, or similar)Preferred certifications (Microsoft, SANS GCIH, CISSP, CEH, AWS, etc.)Preferred higher education in a technical field or relevant work experienceAdditional experience in Linux and/or Mac administration is a plus. Ability to meet Microsoft, customer, and government security screening requirements, including passing the Microsoft Cloud Background Check, is mandatory.Microsoft is an equal opportunity employer. We consider all qualified applicants without regard to age, ethnicity, gender, disability, or other protected characteristics. If you require accommodations during the application process, please refer to our guidelines for requesting accommodations.
#J-18808-Ljbffr