Job Description

Does working on a team protecting over 1 billion customers and making the world a better place sound exciting? Do you want to join one of the top security response organizations in the world? Do you want to innovate and improve relations with the global security research community? This may be the opportunity for you.

The Microsoft Security Response Center (MSRC) seeks motivated, experienced security professionals to join our team. As the company accelerates our transformation in a mobile-first, cloud-first world, there has never been a more exciting time to be part of the MSRC. We strive to always serve our customers at the highest-level while being constantly agile and adopting a growth mindset mentality that will transform Microsoft.

As a Senior Security Analyst, you will perform investigations and forensic analysis during information security incidents for Microsoft's Cloud + Artificial Intelligence division. Your passion for finding creative approaches will shine as you gather evidence and build a picture about what transpired. You will be responsible for fusing multiple sources of evidence to determine how a security incident occurred and what steps need to occur to remediate it. You will also be responsible for building capabilities that close information gaps, strengthen our cloud defenses, and defend customers from emerging security threats. MSRC is a fast-paced team that constantly provides new opportunities to learn and grow.

* Perform forensic investigation on suspected compromised assets to determine what occurred.
* Collaborate with the team to create adversary eviction and incident remediation plans.
* Build and develop the forensic program through expertise, collaboration, and influence.
* Automate response and forensic functions through coding and scripting.
* Evaluate security risks and their impact to the Microsoft Cloud platform and its online services.
* Create technical documentation for other analysts and other teams to follow.

Required Qualifications:

* 4+ years of demonstrated experience in either of the below (the ideal candidate will match both):
* Performing forensic analysis of digital files and physical media from a diverse array of operating systems (Windows, Linux, BSD), and application software (SQL, IIS, Dynamics, etc.)
* Extensive experience in responding to, investigating, and recovering from compromise and data breach events.
* Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

* Experience in developing services or scripts for automation of analysis, response, or forensics.
* Previous experience performing Digital Forensics and Incident Response (DFIR) within Internet Service Provider (ISP) or Cloud Service Provider (CSP) environments.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.