Security Analyst II Microsoft
Redmond, WA

Job Description

Are you interested in discovering and tracking emerging threats, and delivering the detection Microsoft and its customers? Do you want to be part of the team that provides security analysis services for products such as Office 365's Advanced Threat Protection?

Do you like reversing malwares? We'll give you malware to analyze.

Love coding? There's plenty to write.

Are you a data buff? Then this place is for you!

Come join us at Microsoft Threat Intelligence Center (MSTIC) in Cloud&AI Security!

Microsoft Threat Intelligence Center (MSTIC) is looking for an experienced Security Analyst to join the Microsoft Global Research and Response Team. MSTIC is focused on countering adversary-based threats to Microsoft and its customers through production and dissemination of threat intelligence, proactive hunting and incident response, and the development of new tools and approaches to detect adversary activity. The team focuses on tracking emerging email borne threats (malware/phishing), writing detections, APT campaign analysis and generating premium threat intelligence content.

Check our our blog to learn more: http://aka.ms/r2blogs

Required Qualifications:

* 1+ years of experience in writing system and network based signatures (Regular Expressions, Yara, ClamAV, Snort)
* 1+ years of experience in programming or scripting laguages like C#, Python etc.


* 1+ experience in analyzing emails and URLs for phishing content



Preferred Qualifications:

* Expert knowledge in intelligence analysis and reporting using common tools and techniques
* Have strong data knowledge, and ability to analyze and present complex data visually in a meaningful way
* Good written and verbal communication skills and an eye for detail
* 1+ years of experience in Malware Analysis, Reverse Engineering
* 1+ years of experience with static and dynamic analysis tools, ex: Ida Pro, Debuggers (Ollydbg /Immunity, Windbg)
* Ability to work across geographically separated teams
* Self-starter and able to deliver under stress, particularly in emergency response situations
* Innovative thinking to solve hard problems in ways that meet both customer and business goals
* BS in Computer Science or Computer Engineering, or at least 3 years of comparable industry experience

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#AzureSecOpen #AzureSecEPD

* Analyze email messages to identify Phish/Spam/Malware content
* Analyze large datasets to identify Phish/Malware trends
* Provide in-depth / FP / FN analysis for Office 365 Advanced Threat Protection service
* Implement rich security analysis and production quality detection capabilities in the cloud
* Respond to escalations from partner, engineering, sales & marketing teams
* Respond to incidents and alerts as they are detected, and take appropriate actions to protect the environment
* Hunt for targeted attacks, 0'day exploits and new threats targeting Microsoft and customers
* Generate quality technical reports/blog content on the research, trending threats and their detections