|Job Type:||Full Time|
Are you enthusiastic about solving problems in the threat detection and security response space? Are interested in challenges within Cloud Computing space? Does protecting over 1 billion customers and making the cyber world a better place for everyone sound exciting? If so, this may be an ideal opportunity for you.
The Microsoft Security Response Centre (MSRC) seeks motivated, experienced security professionals to join our team. As the company accelerates its transformation into a cloud-first world, there has never been a more exciting time to be part of the MSRC. The Security Operations Center (SOC) within the MSRC is the front line that defends the customers of Microsoft's Cloud platform and online services.
Microsoft is looking for a security analyst to join its UK (Cheltenham) based SOC. The core responsibility is to perform investigations in response to security alerts, which includes digital forensics and data analytics. Your passion for finding creative approaches for security problems will shine as you gather evidence and build a picture about what transpired during your investigations. You will be responsible for fusing multiple sources of evidence to determine how a security incident occurred and what steps need to transpire to remediate it. You will also be responsible for building capabilities that close information gaps, strengthen our cloud defenses and defend customers from emerging security threats. The SOC is a fast-paced team that constantly provides new opportunities to learn and grow. This role may include the need to work outside of core hours on high priority investigations and may also include on-call responsibilities.
- Perform forensic investigation on suspected compromised assets to determine what occurred.
- Collaborate with the team to create adversary eviction and incident remediation plans.
- Build and develop the forensic program through expertise, collaboration, and influence.
- Automate response and forensic functions through coding and scripting.
- Evaluate security risks and their impact to the Microsoft Cloud platform and its online services.
- Provide co-ordination and crisis management between engineering groups and security responders during high severity incidents.
- Create technical documentation for other analysts and other teams to follow.
- Demonstrated experience in either of the below:
- Performing forensic analysis of digital files and physical media from a diverse array of operating systems (Windows, Linux, BSD), and application software (SQL, IIS, Dynamics, etc.)
- Extensive experience in responding to, investigating, and recovering from compromise and data breach events.
- One or more of the following information security-related qualifications, demonstrable equivalent experience or capability to obtain certifications: CFCE, GCFA, GNFA, GCIH, GCFE, OSCP, CISSP.
- Experience in developing services or scripts for automation of analysis, response, or forensics.
The following would be an advantage:
- Experience in managing security incidents that involve privacy (GDPR)
- Previous experience performing Digital Forensics and Incident Response (DFIR) within Internet Service Provider (ISP) or Cloud Service Provider (CSP) environments
- Experience with AI or ML.
Background Check Requirements:
Applicants must have the ability to meet Microsoft, customer, and/or government security screening requirements required for this role. These requirements include, but are not limited to, the following:Microsoft Cloud Background Check: This successful candidate to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.