Apply on Employer Site

Microsoft · 1 day ago

Senior Security Engineer - Security Incident Response - CTJ - Secret

Redmond, WA

Full-time

Onsite

Mid, Senior Level

$120K/yr - $235K/yr

5+ years exp

Microsoft is one of the largest enterprise service companies in the world, focused on securing digital technology platforms and devices. The Senior Security Engineer will coordinate investigations and execute mitigation actions to address security incidents impacting Microsoft’s products or services, while maintaining knowledge of threat actor tactics and leading strategic changes for eviction scenarios.

Artificial Intelligence (AI)Enterprise SoftwareCloud ComputingCyber SecuritySoftwareProfessional ServicesInformation TechnologyAgentic AIApplication Performance ManagementBusiness DevelopmentDevOpsInformation ServicesManagement Information SystemsNetwork Security

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Coordinate with investigators to prioritize investigation objectives, understands attack paths, and systematically executes mitigation and protection actions to evict threat actors for any security incident impacting any of Microsoft’s products or services

Conduct hands-on mitigation where possible; engages service owners when there is a risk of a production outage

Maintain hands-on knowledge of mitigation and protection steps for various asset types (e.g. M365, Azure, AI) and publishes self-service guidance for impacted engineering teams

Brief executive stakeholders on eviction plans and associated status

Maintain and evolves an inventory of threat actor Tactics, Techniques, and Procedures (TTPs) and the corresponding eviction capabilities

Define and prioritize requirements and use cases for Microsoft’s threat actor eviction platform; operationalize as they are delivered

Drive strategic change to accelerate eviction scenarios (e.g. lean business cases to garner support for broader Microsoft product initiatives or features)

Participate in an on-call rotation

Qualification

Cyber SecurityIncident ResponseThreat AnalyticsSecurity Operations Center (SOC)Software Development LifecycleAnomaly DetectionSecurity IncidentEvent Management (SIEM)Large-scale ComputingKusto Data Query LanguageProblem StructuringAutonomyInfluencing OthersBias for Action

Required

Doctorate in Statistics, Mathematics, Computer Science, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response

OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response

OR equivalent experience

Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role

The successful candidate must have an active U.S. Government Secret Security Clearance

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role

Failure to maintain or obtain the appropriate clearance and/or customer screening requirements may result in employment action up to and including termination

This position requires successful verification of the stated security clearance to meet federal government customer requirements

You will be asked to provide clearance verification information prior to an offer of employment

This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter

This position requires verification of U.S. citizenship due to citizenship-based legal restrictions

Preferred

5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response

OR a Bachelor's Degree in Statistics, Mathematics, Computer Science or related field

3+ years of hands-on experience working in cyber security incident response

7+ years of hands-on experience working in cybersecurity incident response

Hands-on experience with incident response in Azure or Microsoft 365

Proficient with Kusto data query languages

Ability to work under pressure, structure unstructured problems and provide clarity where ambiguity exists

Ability to operate with autonomy, influence others, and a bias for action

Company

Microsoft

Glassdoor4.3

Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services.

Founded in 1975

Redmond, Washington, USA

10001+ employees

https://www.microsoft.com

Funding

Current Stage

Public Company

Total Funding

$1M

Key Investors

Technology Venture Investors

2022-12-09Post Ipo Equity

1986-03-13IPO

1981-09-01Series Unknown· $1M

Leadership Team

Satya Nadella

Chairman and CEO

Vukani Mngxati

Chief Executive Officer - Microsft South Africa

Recent News

Sherwood News

Here’s a rundown of the AI-powered humanoid robots that tech companies want to be your new roommates

2026-01-16

Cult of Mac

Today in Apple history: Bill Gates quits as Microsoft CEO

2026-01-16

Morningstar.com

Utilities Up on Demand Optimism — Utilities Roundup

2026-01-16

Company data provided by crunchbase