Security Engineer II
Redmond, Washington, United States
Full Time Mid-level / Intermediate USD 98K - 208K
Microsoft
Every company has a mission. What's ours? To empower every person and every organization to achieve more. We believe technology can and should be a force for good and that meaningful innovation contributes to a brighter world in the future and today.
The Digital Security and Resilience (DSR) team is looking for a motivated Security Engineer II to be a part of the Cyber Security Operations Center.
In this role you will have the opportunity to work on cybersecurity issues as part of a dynamic and high-impact team. We use advanced security technologies, extensive automation and procedures to protect, detect and respond to security threats in real time. In addition to day-to-day responsibilities, you will inform security initiatives across the company. You will analyze, contain and mitigate threats and escalations from multiple sources, both internal and external. You will be building and tuning a wide variety of advanced security detections, conducting detailed and comprehensive investigations and driving issues to closure. You will also contribute to developing innovative automation and orchestration solutions for detection and response. As part of the job, you will collaborate with security partners and Microsoft security product groups to improve our security posture.
The candidate will have experience in a team environment, experience with security operations and technical depth in information security domains like authentication, incident response, security monitoring or threat intelligence. In addition, this position requires an individual who thrives in a high-volume, highly collaborative setting.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Relocation assistance is unavailable for this role.
Responsibilities
- Detect and respond to advanced threats, actor techniques, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks to systems and data.
- Conduct detailed comprehensive triage and investigation on a wide variety of security events and implement containment and mitigation processes.
- Collaborate with internal security partners and threat intelligence teams to derive indications and warnings of impending threat.
- Build, deploy and tune scalable systems that automate security event detection, response and repeatable tasks through technical solutions and new security tools.
- Work with analysts and engineers by observing gaps and opportunities to provide efficiencies in detection and response.
- Keep up to date on emerging vulnerability, response, mitigation and threat landscape trends, and use this knowledge to drive proactive threat monitoring.
- Participate in creating innovative ways to use a wide range of security event data to advance detection methods.
- Use security business intelligence to drive prioritization and improvements within Microsoft security programs.
- Should have solid verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff.
- Demonstrated enthusiasm for learning new things and ability to pick up new ideas quickly.
- We handle active security events and respond to threats from a variety of sources; you will be required to participate in shift and on-call rotations.
Qualifications
Required/Minimum Qualifications
- 3+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
  - OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
- 3+ years of hands-on experience in security operations, threat detection and analysis, and/or incident response.
- 2+ years of professional software development life-cycle experience in one of the following - C#, JavaScript or Python.
Other Requirements
Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:
Microsoft Cloud Background Check. This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Additional Qualifications:
- Experience in analyzing a wide variety of network and host security logs to detect and resolve security issues.
- Understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK.
- Deep understanding of system internals on macOS, Windows, and Linux.
- Background in malware analysis.
- Experience developing on Azure PaaS technologies such as Functions (and Durable Functions), Storage (blob, table, queues) and Logic Apps.
- Experience automating and developing with Python, Jupyter Notebooks, PowerShell, Kusto, or R with RESTful APIs.
- Experience correlating across very large and diverse datasets (Azure Data Lake, Azure Data Explorer, Cosmos DB).
- 2+ years working with SQL-based databases.
- Experience working within a diverse organization to gain support for your ideas.
- Ability to effectively multi-task and prioritize in a fast-paced environment.
Security Operations Engineering IC3 - The typical base pay range for this role across the U.S. is USD $98,300 - $193,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $127,200 - $208,800 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until July 4, 2024.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Perks/benefits: Career development Medical leave Relocation support Startup environment Team events