Senior Security Operations Engineer

Redmond, Washington, United States

Microsoft

Entdecken Sie Microsoft-Produkte und -Dienste für Ihr Zuhause oder Ihr Unternehmen. Microsoft 365, Copilot, Teams, Xbox, Windows, Azure, Surface und mehr kaufen

View all jobs at Microsoft

Apply now Apply later

Are you looking for a challenge that puts you at the center of the Microsoft Edge + Platform Security Fundamentals (EPSF) strategy? Are you passionate about solving the security challenges of critical online services? Are you passionate about defensive and offensive security? Microsoft's EPSF (Edge + Platform Security Fundamentals) team is responsible for securing some of Microsoft's largest and most influential online services in the Azure Edge & Platform (AEP) organization and Windows Devices organization (W+D). The EPSF Services Pentest (SERPENT) team needs a Senior Security Operations Engineer to increase our business partners' security posture. EPSF Security has a world-class security team that helps ensure a secure experience for millions of users worldwide. We primarily focus on offensive security and defensive security and work closely with multiple teams across the company to continually improve our operational awareness.

 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

The primary responsibilities of this role include:


• Security Incident Response
Independently analyzes prioritized attempted or successful efforts to compromise systems security; recommends next steps and escalations to resolve. Develops response plans for new or nuanced issues. Devises mitigation steps; provides guidance to limit exposure. Apprises leadership of status. Manages stakeholder communication appropriately. Conducts postmortem analysis. Helps others understand triage, analysis, and prioritization.

• Identification and Detection of Control Failures
Designs solutions to address identified control issues (e.g., network, identity, high security), taking intended and unintended consequences into account. Operationalizes and scales a program and solution appropriately. Identifies high priority opportunities and makes data-driven recommendations for efficiencies to improve security posture (e.g., streamline processes, automate). Assists team with technical acumen as needed.

• Automation
Recommends automation to improve effectiveness and efficiencies of security operations; supports development and implementation of new automation. Provides automation and proactively proposes where investment will yield greatest efficiencies. Develops and implements solutions; improves solutions over time.

• Monitoring and Detection
Builds new detection capabilities; researches new attacks and identifies trends to reduce noise in detections. Drives prioritization and resources required to address potential or actual intrusions identified as a result of monitoring activities. Drives automation of detection and response.

• Threat Intelligence and Analysis
Recommends potential detections and signatures for defense capabilities based on analysis and understanding of threat trends in the industry

• Data-Driven Analysis
Recommends mitigation strategies based on trends identified in the analysis of key metrics, key performance indicators (KPIs), and other data sources (e.g., bugs, unhealthy data pipeline). Defines and implements metrics to address gaps in measurement. Influences others to take action in response to findings, prioritized by severity.

• Penetration Testing
Understands how weaponized code can be used in operations; determines how tactical tools can be adopted to larger scale automation. Engages security assurance organizations to identify new Tools Tactics Procedures (TTPs) and leverages in breaches operations

 

• Other 

Embody our Culture  &  Values 

 

Qualifications

Required/Minimum Qualifications
  • 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
    • OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.

Other Requirments 

 

Cloud Background Check:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.

 

Microsoft Cloud Background Check:

This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

 

Additional or Preferred Qualifications

  •  7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
    • OR Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field.
  • CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and/or Security+ certification.
  •  Experience in technical disciplines outside security space, including general software development, networking, database management, and full-stack development.
  •  Demonstrated coding skills in one or more popular languages and platforms such as: C#, C++, Ruby, Python, and others.
  •  Experience testing web services, identifying and remediating OWASP top 10 security flaws, and understanding large complex systems quickly.
  • Networking/Identity Isolation, Active Directory, operational secruity and Linux skills

Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications and processes offers for these roles on an ongoing basis.

 

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

 

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

 

#EPSF

Apply now Apply later
Job stats:  1  0  0

Tags: Active Directory Analytics Automation Azure C CISA CISM CISSP Cloud Computer Science Full stack GCIA GCIH Incident response KPIs Linux Mathematics Monitoring Offensive security OSCP OWASP Pentesting Python Ruby SANS SDLC SIEM SOC Strategy Threat intelligence TTPs Windows

Perks/benefits: Medical leave Startup environment

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.