Microsoft · 1 week ago
Senior Cyber Investigations Analyst
Wonder how qualified you are to the job?
Data ManagementDeveloper Tools
Insider Connection @Microsoft
Responsibilities
Respond to and investigate sophisticated threats with information from a wide variety of sources, and ensure similar scenarios are prevented in the future.
Perform forensic investigation on suspected compromised assets and analyze log data to determine what occurred.
Collaborate with the team to create adversary eviction and incident remediation plans.
Analyze and improve situational awareness, monitoring coverage, and incident response capabilities.
Investigate, analyze and eradicate threats proactively.
Design, develop, and deliver tooling to assist the investigative process.
Create technical documentation for other analysts and other teams to follow.
Embody our Culture and Values.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response.
OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
3+ years of experience working with adversary & cyber intel frameworks such as kill-chain model, ATT&CK framework, and Diamond Model.
3+ years experience with big data and Security Information & Event Management (SIEM) solutions such as ArcSight, Splunk, ElasticSearch, Logstash, Azure Data Explorer, Azure Log Analytics, Azure Data Lake, or Azure Sentinel.
3+ years experience working with extremely large data sets to answer complex and ambiguous questions, using tools and languages like: SQL, KQL, Jupyter Notebook, Spark, Azure Synapse, R, U-SQL, Python, Splunk, and PowerBI.
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.
Preferred
Previous experience performing development and code debugging with functional or object-oriented programming such as .NET or Java.
Demonstrate ability to understand and communicate technical details with varying levels of management.
Expectation to learn new tools and techniques every day.
Good working knowledge of common security, encryption, and protocols such as encryption, PKI, modern authentication and cloud app authorization architectures and protocols such as SAML or OAUTH.
Past experience working in large scale enterprise products: M365 products such as Exchange, SharePoint, Skype, Teams.
Deep and practical OS security/internals knowledge for Linux and Windows. Exposure to security related subjects and trends such as digital forensics, reverse engineering, penetration testing, and malware analysis.
Ability to rapidly automate data handling and data curation using PowerShell, Python, Azure Data Factory, and various Azure-based tools.
Hands-on experience building Azure-based services with Azure Resource Manager (ARM), ARM templates, ARM policy, IaaS, VMSS, KeyVault, EventHub, Azure Active Directory (AAD), etc.
Hands-on experience with Continuous Integration/Continuous Delivery (CI/CD), Azure DevOps and Agile Scrum.
Ability to work effectively in ambiguous situations and respond favorably to change.
Comfortable working in a startup mode on a new team where there is lots of opportunity.
Certifications like GCIA, GSLC, GCIH, CISM, CISSP, CEH, Etc. are plus.
Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until July 1, 2024.
Benefits
Benefits and other compensation information available at: https://careers.microsoft.com/us/en/us-corporate-pay
Company
Microsoft
Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services.
Funding
Current Stage
Public CompanyTotal Funding
$1MKey Investors
Technology Venture Investors
2024-01-02Undisclosed· Undisclosed
2022-12-09Post Ipo Equity· Undisclosed
1986-03-13IPO· nasdaq:MSFT
Leadership Team
Recent News
Digital Trends
2024-06-06
2024-06-06
2024-06-06
Company data provided by crunchbase