Overview
Microsoft Defender Experts Team is looking for an experienced professional to join our detection and response team. No matter how sophisticated attacker behaviors become, Microsoft 365 Defender will help enterprises detect, investigate, and respond to advanced attacks and data breaches on their networks. Our team uses deep knowledge of the attacker landscape and rich telemetry from our sensors to perform root-cause analysis and generate custom alerts, ensuring that Microsoft 365 Defender customers are well equipped to quickly respond to human adversaries identified in their unique environments.
Ensuring that no human adversary can operate silently begins with experts harnessing the powerful optics provided by Microsoft 365 Defender, across the attacker kill-chain, coupled with world-class detections. We are looking for someone who is passionate about this work to help us harness the power of Microsoft’s trillions of security signals to quickly identify and report the latest human adversary behaviors, drive critical context-rich alerts, build new tools and automations in support of hunting objectives, and drive innovations for detecting advanced attacker tradecraft.
Responsibilities
Investigate, analyze, and learn from security researchers, attackers, and real incidents to develop durable detection solutions/strategies across customer tools.
Qualifications
7+ years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
Other Requirements / Preferred Experience
Experience leading a security function for a customer, such as SOC manager, solution lead, or Security engineer.
Knowledge of operating system internals and attack techniques in Windows, Linux, Mac, Android, and iOS platforms.
Experience with reverse engineering, digital forensics (DFIR), incident response, or machine learning models.
Experience with offensive security including tools such as Metasploit, exploit development, OSINT, and designing ways to breach enterprise networks.
Additional advanced technical degrees or cyber security certifications such as CISSP, OSCP, CEH, or GIAC certifications.
Security Research IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $160,200 - $261,000 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process.