Microsoft Looking For Cyber Security Incident Response Analyst at Redmond, WA Full Time

Digital Security & Resilience

The mission of Microsoft Digital Security & Resilience (DSR) is to enable Microsoft to build the most trusted devices and services, while keeping our company safe and our data protected. As part of Microsoft’s Security, Compliance, Identity, and Management organization, and a steward of Microsoft and our customer’s data, a core function of Microsoft DSR is ensuring the security of every aspect of the business. Microsoft DSR is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. As customer zero, we deploy and secure these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire, and grow within our organization and we encourage you to apply to learn more!

We are looking for an experienced Senior Security Incident Response (IR) Analyst to work in a highly collaborative, dynamic environment as part of the team responsible for security incident response at Microsoft. As a member of the incident response team, you will lead detailed investigations and analysis of security-related findings, alerts, and events across the Microsoft network. You will manage escalations and incidents in close coordination with teams across the Microsoft Cyber Defense Operations Center, security product groups and services. You will have the opportunity to participate in security testing and simulated response.

This work requires real-time problem solving, technical curiosity, judgement and excellent oral and written communications. Responsibilities include developing mitigation strategies, understanding root cause and developing repair items. You will perform technical analysis, document findings and recommendations, develop playbooks, provide timelines and deliver updates and other communications to audiences ranging from internal teams and executives to our most discerning customers.

Preferred work locations:
Atlanta, Georgia

Austin, Texas

Redmond, Washington

Reston, Virginia

Remote in the U.S.

Responsibilities

Key responsibilities:
Incident response lead for high impact cyber security incidents

Triage events, escalations and incidents to determine remediation and resolution actions

Coordinate appropriate response activities across teams or directly with stakeholders to rapidly remediate potential threats

Initiative and project-related support to provide Security Operations and Incident Response perspective and subject matter expertise

Qualifications

Knowledge, experience and skills required:
4+ years in an Information Security role (or an equivalent industry position)

3+ years demonstrated experience in computer security related disciplines, including but not limited to the following subject areas: software vulnerabilities and exploitation, host forensics, malware analysis, network traffic analysis, Insider Threat and web-focused security topics.

Preferred, not required:
Excellent presentation skills with prior experience of presenting to senior management

Experience with Cloud Computing and technology

Experience with Unix/Linux, or work relating to OS internals or file level forensics

CISSP or related GIAC certifications

The ideal candidate will have experience in a highly collaborative team environment, experience in a Security Operations Center or equivalent experience in enterprise scale services and platforms, technical depth in highly dynamic, complex environment.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.