Senior Security Operations Engineer jobs in United States

Microsoft · 7 hours ago

Senior Security Operations Engineer

Microsoft is one of the largest enterprise service companies in the world, and they are seeking a Senior Security Operations Engineer to join their Detection Engineering team. The role focuses on advancing Microsoft's cyber defense capabilities by operating and maintaining high availability detection pipelines and enhancing detection solutions to improve security posture.

Agentic AI, Application Performance Management, Artificial Intelligence (AI), Business Development, DevOps, Information Services, Information Technology, Management Information Systems, Network Security, Software

Growth Opportunities

No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Operate and maintain high-availability detection pipelines and automation, ensuring reliable end-to-end signal flow
Author, onboard, and continuously enhance high-fidelity detections, including enrichments, filtering, and correlation
Build and optimize automation that accelerates the detection lifecycle, onboarding, tuning, and coverage expansion
Evaluate and tune detections proactively and reactively to reduce noise, improve the signal-to-noise ratio (SNR), and shorten investigation time
Develop and maintain detection rules, telemetry requirements, metrics, and dashboards, collaborating with product and service teams to improve alert fidelity, visibility, and platform health

Qualification

Cyber Security, Security Operations Center (SOC), Security Incident and Event Management (SIEM), Automation of Analysis, Threat Modeling, Anomaly Detection, Microsoft Cloud Security Technologies, Large-scale Computing, SQL, Python, KQL, Jupyter Notebook, Spark, R, U-SQL, PowerBI, ArcSight, Splunk, Logstash, Empathetic Communication

Required

Bachelor's Degree in Statistics, Mathematics, Computer Science, or a related field AND 4+ years of experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR Master's Degree in Statistics, Mathematics, Computer Science, or a related field AND 3+ years of experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR Doctorate in Statistics, Mathematics, Computer Science, or a related field
OR equivalent experience
The ability to meet Microsoft, customer, and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screening: Microsoft Cloud Background Check. This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter
This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport, other approved documents, or a verified US government clearance

Preferred

Security Monitoring and Response: You have experience with MITRE ATT&CK or other attack frameworks and know how to use them to identify and close gaps in detection capabilities
Security Architecture and Cloud Security expertise: 3+ years working in cyber security (Information Security, InfoSec, SecOps, Security Operations, SOC, CSOC, analyst, researcher, etc.) with experience in automation of analysis, response, or forensics
Previous experience in applying knowledge to uncover threats based on log data within Cloud Service Provider (CSP) environments (Azure AAD, Azure Resources, Event logs, Firewall, etc.) to build, analyze, and tune detections
Hands-on experience with Microsoft Cloud Security Technologies such as Azure Sentinel, Azure Defender, MDE, Application Governance, Defender for Cloud Apps, Azure Data Explorer, and Azure Log Analytics, or similar products like ArcSight, Splunk, and Logstash; excellent understanding of prioritizing risks and threats
Automated Response and insights: Experience working with extremely large data sets to answer complex and ambiguous questions, using tools and languages such as SQL, KQL, Jupyter Notebook, Spark, R, U-SQL, Python, Splunk, and PowerBI, and the ability to automate repeatable security tasks through scripts or logic apps
Empathetic communication: You communicate nuanced ideas clearly, whether you're explaining technical decisions in writing or brainstorming in real time. In disagreements, you engage thoughtfully with other perspectives and compromise when needed

Company

Microsoft

Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services.

Funding

Current Stage
Public Company
Total Funding
$1M
Key Investors
Technology Venture Investors
2022-12-09 · Post-IPO Equity
1986-03-13 · IPO
1981-09-01 · Series Unknown · $1M

Leadership Team

Satya Nadella
Chairman and CEO
Vukani Mngxati
Chief Executive Officer - Microsoft South Africa
Company data provided by crunchbase