Senior Incident Response Team Lead

The mission of Microsoft Digital Security & Resilience (DSR) is to enable Microsoft to build the most trusted devices and services, while keeping our company safe and our data protected. ​As part of the Microsoft Security organization, and a steward of Microsoft and our customer’s data, a core function of Microsoft DSR is ensuring the security of every aspect of the business. Microsoft DSR is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. As customer zero, we deploy and secure these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!   

Our team is looking for a Senior Incident Response Team Lead to support our Software & Services Incident Response Plan (SSIRP), by contributing to our critical security operations and performing cyber defense analysis, so that we can continue to protect our customers and Microsoft. 

Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

• Performing cyber defense incident and/or vulnerability triage to determine scope, urgency, and potential risk impact.
• Make high-stake decisions that enable expeditious remediation of risk to protect customers and Microsoft.
• Track and document cyber defense incidents from initial escalation through final resolution.
• Provide tactical security decisions and coordinate enterprise-wide cyber defenders to resolve incidents.
• Send timely and clear executive updates explaining the risk to customers and Microsoft.
• Advise and validate customer notifications and/or authoritative security guidance for customers.
• Conduct incident analysis, produce reports, and briefs informing threat landscape trends and future investment areas to improve security.

Embody our Culture and Values

Qualifications

Required/Minimum Qualifications

• 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response

o OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field

Other Requirements 

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.

These requirements include, but are not limited to the following specialized security screenings: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications

• 2+ years working in a Security Operations Center [SOC], threat and vulnerabillity management (TVM) team
• CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and/or Security+ certification. 

Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $112,000 - $218,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $145,800 - $238,600 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until July 5, 2024.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#MSFTSecurity

#DSR

#MSRC