Be an early applicantLess than 25 applicants

Company

Microsoft · 14 hours ago

Cybersecurity Infrastructure Engineer

New Jersey, United States

Full-time

Remote

Mid, Senior Level

$117K/yr - $229K/yr

5+ years exp

Maximize your interview chances

Data ManagementDeveloper Tools

Growth Opportunities

H1B Sponsor Likely

Insider Connection @Microsoft

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Ability to deliver adversary containment and recovery efforts across multiple workstreams

Ability to quickly build and execute a recovery plan as a response to large-scale impactful incidents involving ransomware and destructive adversarial campaigns

Deploying forensic collection tooling across a wide range of complex environments

Identifying potential threats – allowing for proactive defence before an actual incident

Providing recommendations to improve cybersecurity posture going forward

Performing knowledge transfer to prepare customers to defend against today’s threat landscape

Researching, analyzing, and summarizing security threats and response capabilities, sharing across the team

Identifying, conducting, and supporting others in conducting research into critical security areas, such as current attacks, adversary tracking, and academic literature

Creating and documenting new solutions to mitigate security issues

Recommending prioritization and validation methods for technical indicators, develops tools to automate analyses

Leads efforts to clean, structure, and standardize data and data sources; leads data quality efforts to ensure timely and consistent access to data sources

Developing written content for publication on Microsoft blog platforms

Developing presentations for delivery at internal and external conferences

Use the unique experiences of Microsoft Incident Response to create unique storytelling moments

Completing operational tasks and readiness with timeliness and accuracy

Following Microsoft policies, compliance, and procedures (e.g., Enterprise Services Authorization Policy, Standards of Business Conduct, labor logging, expenses, travel guidelines)

Leading by example and guiding team members on operational tasks, readiness, and compliance.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Microsoft security solutionsIdentity systemsIncident responseActive DirectoryThreat Actor containmentEntra IDAzure Resource ManagementAzure IaaSRole Based Access ControlsKQLSPLSQLMicrosoft Defender 365SCCMIntuneAnsibleChefPuppetPowerShellBash scriptingSplunkCrowdStrike FalconQRadarMicrosoft PKIAD FSLinuxMacOSAI productsDevOpsHyper-V

Required

5+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection + OR Master's Degree in Statistics, Mathematics, Computer Science or related field

2+ years experience with Threat Actor containment during an incident, rapid recovery of critical infrastructure (primarily Active Directory rebuild and restoration), and eviction of a Threat Actor after an investigation

2+ years of Active Directory and associated components (Kerberos, NTLM, Group Policy, Backup and Disaster Recovery, DNS, AD tiering models, gMSAs)

2+ years of Entra ID and associated components (Conditional Access, Multifactor Authentication, Passwordless Authentication, Privileged Identity Management, Identity Protection, Entra ID Connect)

Preferred

6+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection + OR Doctorate in Statistics, Mathematics, Computer Science or related field

Azure Resource Management, Azure Infrastructure as a Service (IaaS), Role Based Access Controls (RBAC), Subscriptions, Resource Groups, Management Groups

Proficiency in one or more query languages (KQL, SPL, SQL, etc.)

Strong knowledge of at least two or more products in the Microsoft Defender 365 suite

Experience with large scale orchestration and deployment of software using deployment tools such as SCCM, Intune, Ansible, Chef, Puppet, etc.

Experience in PowerShell and bash scripting

Experience with third-party security products, including but not limited to, Splunk, CrowdStrike Falcon, QRadar, etc.

Experience with Microsoft Public Key Infrastructure (PKI) implementations, Active Directory Federation Services (AD FS)

Understanding and working knowledge of the Linux and MacOS platforms

Experience with two or more of Microsoft’s portfolio of Artificial Intelligence (AI) products such as Security Copilot, Bing Copilot, Github Copilot, Office Copilot and Windows Copilot

Understanding of DevOps, concepts such as Version Control, Infrastructure as code, CI/CD Pipelines, Frameworks, Configuration Management and Continuous Monitoring.

Experience with management of virtualization platforms such as Hyper-V, VMware, etc.

Experience with IP network management including routing, firewalls, access control lists, DHCP, packet analysis, and troubleshooting network traffic flow

Company

Microsoft

Glassdoor

4.3

Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services.

Founded in 1975

Redmond, Washington, USA

10,001+ employees

https://www.microsoft.com

H1B Sponsorship

Microsoft has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (5862)

2022 (11005)

2021 (8174)

2020 (6856)