|Location:||Greater London, Reading|
|Job Type:||Full Time|
Do you have a passion for helping Microsoft’s clients defend themselves against targeted exploitation? Are you interested in being intimately involved in the latest, cutting edge developments in the security industry and having a direct impact on the security of all Microsoft customers? Do you want to be on the front lines of helping our customers go toe-to-toe against advanced adversaries? Are you interested in a fast-paced job full of new opportunities? If so, you might be a candidate for the Microsoft’s Detection and Response Team (DART). The team is looking for a strong, experienced Windows Infrastructure (deployment) consultant/engineer to join our client-facing response team. Ideal candidates possess some of the following skills:
This role will work as part of a collaborative team assisting our top customers with:
- Deploying advanced Windows client security technologies such as LAPS, OOADS/ADSA and other Windows security features.
- Deploying forensic software and tools
- Working as an Active Directory subject matter expert, to encompass migration, management, security and deployment.
- Troubleshooting, design and implementation experience across the Microsoft Server stack.
- Performing knowledge transfer to prepare customers to defend against today’s threat landscape
Ideal candidates should possess approximately 5+ years of related work experience along with the following:
- Practical, hands-on experience in investigating interactive computer network exploitation cases, especially in performing live response.
- Strong background in Cloud architecture including Identity and Authorization technologies such as ADFS and AAD. Particular emphasis on monitoring and investigating suspicious or unusual behavior in the Azure and O365 platforms.
- Experience securing and investigating cloud based mail platforms from various attacks including phishing, spear phishing, malicious email attachments, etc.
- Excellent understanding of Windows internals and where trace evidence can be found.
- Solid understanding of common exploitation tools, tactics and procedures.
- Familiarity with enterprise computer network defense systems, such as NIDS, HIDS, SIEM/SEMs, web proxies, antivirus, and specialized-purpose security systems is necessary to assist clients during a response.
- Excellent oral and written communication skills including concisely communicating status and creating customer reports and presentations
Experience with some of the following is a distinct advantage:
- Familiarity with the APT and how malicious software persists on victim systems. Demonstrated ability to locate hidden malware and to create timelines.
- Scripting experience and knowledge of the Microsoft Server stack is preferred.
- Exposure to the common forensic toolsets, such as FTK, EnCase, WinHex, Volatility, etc. and their application in incident response is a plus.
If you are looking for a role that allows you to use your knowledge and passion to strengthen Microsoft's product defenses and keep customers informed and protected from emerging security threats you may have a bright future with our Microsoft’s Cybersecurity Detection and Response Team (DART).
Travel is an integral part of this position as are high levels of recognition and visibility. Short-notice travel could be as high as 50% or higher as is demanded by the needs of our customers and our business. Position location is flexible.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.