Job Description
Are you passionate about helping and protecting customers? Do you thrive when working as a first responder to information security events? The Microsoft Managed Desktop Security Operations team may be the place for you!
This Security Operations team is responsible for responding to threats that Microsoft Managed Desktop devices around the world face, identified through our technologies and proactive actions we drive. Security Service Engineers in this role investigate alerts such as malware detections and suspicious activities, provide expert analysis to our customers, and lead response activities when an event becomes a security incident. Work on this team isn’t just about fixing one system but about mitigating or preventing risks at scale across a service ecosystem.
Responsibilities
- Quickly and accurately triage detected events affecting our managed devices
- Investigate indicators and event data to identify impact and assess the overall risk to a device, a customer environment, and/or the entire managed ecosystem
- Drive the security incident response process, including customer-facing engagements and communications
- Hunt for emerging threats using the tools and data that we have, identifying and addressing risks to prevent exploitation
- Own and contribute to initiatives that drive continuous improvement to our operations, our services, and/or our product
- Participate in a 24/7/365 on-call rotation, which can include working outside normal business hours and weekends
Qualifications
- Grounded in a growth mindset, an advocate for inclusion and diversity, with strong self-awareness.
- 3+ years of hands-on experience in the information security field, preferably in a response role with a focus on malware, event management, incident management
- 1+ years of experience working in a service delivery role to external customers
- One or more cybersecurity analyst or security incident handler certifications, such as CySA+, E|CSA, E|CIH, GCIH, CSIH, or Microsoft 365 Certified Security Administrator Associate, are strongly recommended
- The ability to meet Microsoft, customer, and/or government security screening requirements is required for this role.
Preferred Qualifications
- B.S. or B.A. degree in Computer Science, Computer Engineering, Information Systems, or equivalent experience
- Hands-on expertise using the Microsoft 365 Security Center Portal and the Microsoft Defender for Endpoint platform.
- Demonstrated success in identifying threat themes and trends through data analysis and implementing preemptive mitigation plans
- Prior experience working in a security operations center and familiarity with Microsoft's security response process is a plus
- Knowledgeable about malware families, their capabilities, and other risks/techniques associated with host compromise
- Strong understanding of common tactics and techniques (such as the MITRE ATT&CK framework) with the ability to determine applicable risk to an environment and experience in successfully mitigating their impact
- Familiarity with device management via Microsoft Intune is highly desired
- Excellent written and verbal English communication skills; a writing sample may be requested
- Additional information security certifications including, but not limited to, CISSP, CEH, GCFA, GCFE, GCED, GCTI are also welcomed.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Job ID: 65081