Microsoft · 13 hours ago
Cybersecurity Infrastructure Engineer
Maximize your interview chances
Data ManagementDeveloper Tools
Growth OpportunitiesH1B Sponsor Likely
Insider Connection @Microsoft
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Ability to deliver adversary containment and recovery efforts across multiple workstreams
Ability to quickly build and execute a recovery plan as a response to large-scale impactful incidents involving ransomware and destructive adversarial campaigns
Deploying forensic collection tooling across a wide range of complex environments
Identifying potential threats – allowing for proactive defence before an actual incident
Providing recommendations to improve cybersecurity posture going forward
Performing knowledge transfer to prepare customers to defend against today’s threat landscape
Researching, analyzing, and summarizing security threats and response capabilities, sharing across the team
Identifying, conducting, and supporting others in conducting research into critical security areas, such as current attacks, adversary tracking, and academic literature
Creating and documenting new solutions to mitigate security issues
Recommending prioritization and validation methods for technical indicators, develops tools to automate analyses
Leads efforts to clean, structure, and standardize data and data sources; leads data quality efforts to ensure timely and consistent access to data sources
Developing written content for publication on Microsoft blog platforms
Developing presentations for delivery at internal and external conferences
Use the unique experiences of Microsoft Incident Response to create unique storytelling moments
Completing operational tasks and readiness with timeliness and accuracy
Following Microsoft policies, compliance, and procedures (e.g., Enterprise Services Authorization Policy, Standards of Business Conduct, labor logging, expenses, travel guidelines)
Leading by example and guiding team members on operational tasks, readiness, and compliance.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
5+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection + OR Master's Degree in Statistics, Mathematics, Computer Science or related field
2+ years experience with Threat Actor containment during an incident, rapid recovery of critical infrastructure (primarily Active Directory rebuild and restoration), and eviction of a Threat Actor after an investigation
2+ years of Active Directory and associated components (Kerberos, NTLM, Group Policy, Backup and Disaster Recovery, DNS, AD tiering models, gMSAs)
2+ years of Entra ID and associated components (Conditional Access, Multifactor Authentication, Passwordless Authentication, Privileged Identity Management, Identity Protection, Entra ID Connect)
Preferred
6+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection + OR Doctorate in Statistics, Mathematics, Computer Science or related field
Azure Resource Management, Azure Infrastructure as a Service (IaaS), Role Based Access Controls (RBAC), Subscriptions, Resource Groups, Management Groups
Proficiency in one or more query languages (KQL, SPL, SQL, etc.)
Strong knowledge of at least two or more products in the Microsoft Defender 365 suite
Experience with large scale orchestration and deployment of software using deployment tools such as SCCM, Intune, Ansible, Chef, Puppet, etc.
Experience in PowerShell and bash scripting
Experience with third-party security products, including but not limited to, Splunk, CrowdStrike Falcon, QRadar, etc.
Experience with Microsoft Public Key Infrastructure (PKI) implementations, Active Directory Federation Services (AD FS)
Understanding and working knowledge of the Linux and MacOS platforms
Experience with two or more of Microsoft’s portfolio of Artificial Intelligence (AI) products such as Security Copilot, Bing Copilot, Github Copilot, Office Copilot and Windows Copilot
Understanding of DevOps, concepts such as Version Control, Infrastructure as code, CI/CD Pipelines, Frameworks, Configuration Management and Continuous Monitoring.
Experience with management of virtualization platforms such as Hyper-V, VMware, etc.
Experience with IP network management including routing, firewalls, access control lists, DHCP, packet analysis, and troubleshooting network traffic flow
Company
Microsoft
Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services.
H1B Sponsorship
Microsoft has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (5862)
2022 (11005)
2021 (8174)
2020 (6856)
Funding
Current Stage
Public CompanyTotal Funding
$1MKey Investors
Technology Venture Investors
2022-12-09Post Ipo Equity· Undisclosed
1986-03-13IPO· nasdaq:MSFT
1981-09-01Series Unknown· $1M
Leadership Team
Recent News
The Globe and Mail
2024-11-16
Company data provided by crunchbase