Job Information
Microsoft Corporation Senior Security Operations Engineer in Redmond, Washington
Are you looking for a challenge that puts you at the center of the Microsoft Edge + Platform Security Fundamentals (EPSF) strategy? Are you passionate about solving the security challenges of critical online services? Are you passionate about defensive and offensive security? Microsoft's EPSF (Edge + Platform Security Fundamentals) team is responsible for securing some of Microsoft's largest and most influential online services in the Azure Edge & Platform (AEP) organization and Windows Devices organization (W+D). The EPSF Services Pentest (SERPENT) team needs a Senior Security Operations Engineer to increase our business partners' security posture. EPSF Security has a world-class security team that helps ensure a secure experience for millions of users worldwide. We primarily focus on offensive security and defensive security and work closely with multiple teams across the company to continually improve our operational awareness.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Responsibilities
The primary responsibilities of this role include:
• Security Incident Response
Independently analyzes prioritized attempted or successful efforts to compromise systems security; recommends next steps and escalations to resolve. Develops response plans for new or nuanced issues. Devises mitigation steps; provides guidance to limit exposure. Apprises leadership of status. Manages stakeholder communication appropriately. Conducts postmortem analysis. Helps others understand triage, analysis, and prioritization.
• Identification and Detection of Control Failures
Designs solutions to address identified control issues (e.g., network, identity, high security), taking intended and unintended consequences into account. Operationalizes and scales a program and solution appropriately. Identifies high priority opportunities and makes data-driven recommendations for efficiencies to improve security posture (e.g., streamline processes, automate). Assists team with technical acumen as needed.
• Automation
Recommends automation to improve effectiveness and efficiencies of security operations; supports development and implementation of new automation. Provides automation and proactively proposes where investment will yield greatest efficiencies. Develops and implements solutions; improves solutions over time.
• Monitoring and Detection
Builds new detection capabilities; researches new attacks and identifies trends to reduce noise in detections. Drives prioritization and resources required to address potential or actual intrusions identified as a result of monitoring activities. Drives automation of detection and response.
• Threat Intelligence and Analysis
Recommends potential detections and signatures for defense capabilities based on analysis and understanding of threat trends in the industry
• Data-Driven Analysis
Recommends mitigation strategies based on trends identified in the analysis of key metrics, key performance indicators (KPIs), and other data sources (e.g., bugs, unhealthy data pipeline). Defines and implements metrics to address gaps in measurement. Influences others to take action in response to findings, prioritized by severity.
• Penetration Testing
Understands how weaponized code can be used in operations; determines how tactical tools can be adopted to larger scale automation. Engages security assurance organizations to identify new Tools Tactics Procedures (TTPs) and leverages in breaches operations
• Other
Embody our Culture (https://careers.microsoft.com/v2/global/en/culture) & Values (https://www.microsoft.com/en-us/about/corporate-values)
Qualifications
Required/Minimum Qualifications
5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
Other Requirments
Cloud Background Check:
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.
Microsoft Cloud Background Check:
This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Additional or Preferred Qualifications
7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
OR Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field.
CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and/or Security+ certification.
Experience in technical disciplines outside security space, including general software development, networking, database management, and full-stack development.
Demonstrated coding skills in one or more popular languages and platforms such as: C#, C++, Ruby, Python, and others.
Experience testing web services, identifying and remediating OWASP top 10 security flaws, and understanding large complex systems quickly.
Networking/Identity Isolation, Active Directory, operational secruity and Linux skills
Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications and processes offers for these roles on an ongoing basis.
#EPSF
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .