Cyber Security Threat Analyst/Service Engineer 2
Core Services Engineering builds and manages the critical products and services that Microsoft runs on. We boldly pursue big ideas that power transformational advances at Microsoft and for our customers, while helping Microsoft teams work smarter, faster and more securely every day. Core Services Engineering employees have deep technical and business expertise, customer insights, and a clear point of view that comes from first-hand, large-scale experience with Microsoft and industry solutions. We are engineers, technology leaders and experts, digital transformation change agents, and customer advocates. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!
If you enjoy researching and analyzing cyber threats to help security teams make informed decisions and reduce risk, then we would love to talk to you. We are a small agile team with a successful track record demonstrating how threat intelligence can be used across internal security teams to identify, protect, detect and respond to threats impacting our environment.
This is an exciting time to join our team and help us transform our program into an enterprise threat intelligence service in support of Microsoft's Cyber Defense Operations Center (CDOC). This service will not only be responsible for identifying and responding to threats but also driving prioritization of controls, improving proactive defenses and helping executives make informed risk decisions.
We are looking for a passionate, data-driven security analyst who is ready to jump in and help us deliver innovative and scalable solutions that can protect the company and our customers.
Knowledge, experience and skills required:
* A minimum of a Bachelor's degree in Computer Science or Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required.
* 3+ years of Information Security or relevant consulting experience.
* Very strong understanding of cyber threat attack vectors, how they are used, and methods to detect and mitigate them.
* Strong analysis skills and the ability to bring complex data together to answer security and risk related questions.
* Good understanding of prevention, detection and response capabilities (Firewalls, Intrusion Detection Systems, Log Analysis, anti-malware, SIEM etc.) and how they help prevent and detect attacks.
* Experience analyzing security events and logs.
* Familiar with expected data types and sources needed to conduct incident investigations.
Preferred, not required:
* Good presentation skills and experience distilling complex security topics into concise and relevant material for both security and non-security professionals.
* Worked as an incident responder or as a tier 2/3 SOC analyst.
* Experience as an intelligence analyst and comfortable with the collection, analysis, processing, and dissemination of intelligence.
* Understanding of risk management techniques and frameworks.
* Familiar with SQL and the ability to query relational databases. Experience with Hadoop, HDInsight, and GraphDBs is also helpful.
* Experience with business intelligence and analysis tools such as Tableau, PowerBI, Maltego, Analyst Notebook and Excel.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Responsibilities:
* Collect, process and analyze open source reporting as well as 1st and 3rd party threat intelligence feeds for relevance to Microsoft.
* Work with security teams and risk managers to provide data-driven insights into existing and emerging threats.
* Leverage threat intelligence to improve the prioritization of preventative controls and mitigations and strengthen Microsoft's defenses.
* Deliver relevant and actionable Indicators of Compromise (IOCs) to teams across Microsoft to improve our ability to detect threats in our environment.
* Support response to internal incidents by managing intelligence collected during investigations and building a common understanding of threat activities.
Microsoft is a technology company that develops and supports software, services, and devices.