With over 17,000 employees worldwide, the mission of the Customer Experience & Success (CE&S) organization is to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft's products and services, ignited by our people and culture. Come join CE&S and help us build a future where customers achieve their business outcomes faster with technology that does more.
Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft's AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment.
As a Senior Incident Response Engineer, you will be an elite member of a customer-facing security support team leading incident response investigations for Microsoft's enterprise customers. You have experience in analysing, triaging, scoping, and containing security incidents, providing guidance for remediation, and determining their root cause. You are familiar with collecting and analysing security-incident-related data to identify indicators of attack and compromise.
In the Customer Service & Support (CSS) team, we are looking for people passionate about delivering customer success. As a Senior Incident Response Engineer, you will own, troubleshoot, and solve highly complex customer technical issues. This role offers an opportunity to accelerate your career growth by honing your problem-solving, collaboration, and research skills, and developing your technical proficiency.
This role is flexible, allowing you to work up to 100% from home.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. We foster a growth mindset, innovate to empower others, and collaborate to achieve shared goals. We uphold values of respect, integrity, and accountability to create an inclusive culture where everyone can thrive at work and beyond.
Qualifications
Required Qualifications:
1. Bachelor's degree in Computer Science, Information Technology (IT), or related field AND 5+ years of technical support, technical consulting, or IT experience OR 7+ years of relevant experience.
2. Minimum 2+ years of Security Incident Response experience with recent operational security experience (SOC, Malware Analysis, IDS/IPS Analysis, threat analytics, Windows Server, and endpoint security).
3. Minimum 2+ years of Cloud investigations experience with Entra ID, Microsoft 365, and Microsoft Defender solutions.
4. Minimum 2 years of customer-facing experience.
5. Experience supporting large, complex, geographically distributed enterprise environments with 1000+ users.
6. Minimum 1+ years in Network Security or Systems Administration with experience in Windows Server, Windows Client, and Active Directory.
7. Experience in Entra ID and Microsoft 365 management and troubleshooting.
8. Experience with Microsoft Defender solutions and Azure Identity management.
9. Kusto Query Language knowledge.
10. Cloud experience with major providers, including security, networking, and migration of multi-cloud or hybrid deployments.
11. Automation skills (PowerShell, Python, Java, or similar).
12. Preferred certifications such as Microsoft Certifications, SANS GCIH, CISSP, CEH, AWS, etc.
13. Relevant work experience or higher education in a technical field.
14. Experience in Linux and/or Mac administration is a plus.
15. Ability to meet security screening requirements, including Microsoft Cloud Background Check.
Responsibilities
1. Scope customer security incidents.
2. Identify indicators of attack and compromise.
3. Analyze incident data from threat analytics tools.
4. Collaborate with Security and Threat Intelligence teams, providing indicators of compromise and malware samples.
5. Coordinate incident response with Microsoft security and consulting teams.
6. Develop and implement runbooks, capabilities, and techniques for Incident Response.
7. Perform security triage and analysis on endpoint, server, and network infrastructure.
8. Contain and resolve incidents promptly.
9. Stay informed about emerging threats and vulnerabilities.
10. Investigate root causes of complex security incidents.
11. Maintain confidentiality.
12. Participate in on-call rotations as needed.
Benefits and perks vary by location and employment type, including healthcare, educational resources, discounts, savings, leave, giving programs, networking opportunities, and more.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration regardless of age, ethnicity, gender, or other protected characteristics. Reasonable accommodations are available for applicants with disabilities during the application process.