CASY-MSCCN Jobs

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

We are the Microsoft 365 Defender Experts team, and we are committed to defending Microsoft customers from sophisticated cyber-attacks and adversaries. Our mission is to help protect customers with truly innovative proactive approach, advising on emerging trends, and engaging in valuable partnerships. Our security products are brought together in the Microsoft 365 Defender (M365D) suite. M365D enables Microsoft’s enterprise customers to detect, investigate, understand, and respond to advanced threats on their networks via a combination of behavioral sensors, security analytics, and threat intelligence. Microsoft 365 Defender provides unified detection and response across endpoints, identities, email, and cloud applications. As a Security Operations Engineer, you will be responsible for monitoring incidents and alerts from these products for our customers, as well as providing guidance and support on best practices, threat hunting, and incident response.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

• Monitor and analyse alerts and incidents generated by the Microsoft 365 Defender suite of products, and provide timely and effective response and remediation, ensuring optimal coverage and performance.

• Perform incident response and investigation, following the established procedures and protocols.

• Document and report on security incidents, findings, and recommendations.

• Conduct proactive threat hunting using the advanced tools and data sources provided by the products and identify and mitigate potential threats.

• Provide technical guidance and recommendations to customers on how to improve their security posture and reduce their attack surface.

• Perform regular security audits and assessments and remediate any issues or gaps.

• Stay updated on the latest security trends, threats, and best practices.

• Collaborate with other Microsoft Defender Experts, product teams, and partners to share knowledge, feedback, and best practices.

Qualifications

• Bachelor's degree in computer science, information security, or related field, or equivalent work experience.

• At least 3 years of experience in security operations, incident response, threat hunting, or penetration testing.

Other Requirements

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:

• This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

• 1+ years of hands-on coding and scripting experience, showcasing proficiency in Regex, Python and VS Code.

• Experience in using Kusto Query Language (KQL) to perform security analysis and data manipulation.

• Strong knowledge of security principles, frameworks, standards, and best practices.

• Experience in using various security tools and platforms, such as SIEM, IDS/IPS, firewall, antivirus, etc.

• Experience in using Microsoft 365 Defender to detect and respond to advanced threats across endpoints, email, identity, and cloud applications.

• Proficient in Windows and Azure Active Directory security, as well as common attack vectors and techniques.

• Experience in threat hunting, incident response, and forensic analysis. • Familiarity with reverse engineering and exposure to machine learning models.

• Familiarity with offensive security practices, including tools such as Metasploit, exploit development, Open-Source Intelligence Gathering (OSINT), and designing strategies to breach enterprise networks.

• Strong understanding of the attacker mindset and the ability to apply defensive tactics to protect against it. Broad, general familiarity with the threat landscape affecting enterprise customers.

• Excellent communication, collaboration, and customer service skills.

• Certifications such as CompTIA Security+, CEH, CISSP, or GCIH are an added advantage.

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .