Job Title

Overview The Cloud & AI organization accelerates Microsoftu2019s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customersu2019 heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world. Do you love the excitement and learning opportunity to study, analyze, and deal with the most complex threats to digital security in today's world? Do you have the u201clearneru201d mindset, are willing to un-learn old skills and learn new ones every day? Are you passionate about solving the challenges of security response teams? If yes, then this opportunity is for you. The Telemetry Enforcement Engineering team, within Cyber Defense Operations, needs a Senior Security Operations Engineer to drive the centralization of access and curation of critical security data while applying operational rigor to ensure real-time availability and accuracy of thousands of mission-critical data sources. About CDO - Cyber Defense Operations. An organization led by Microsoftu2019s Chief Information Security Officer enables Microsoft to deliver the most trusted software and services. The CDO vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk & management framework. Microsoftu2019s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Responsibilities + Data-Driven Analysis - Analyzes key metrics and key performance indicators (KPIs) and other data sources (e.g., bugs, unhealthy data pipeline) and identifies trends in security issues and escalates appropriately. + Recommends improvements and/or metrics to address gaps in measurement. Leverages multiple sources of data in conducting and interpreting analysis. Evaluates data sets for anomalies and other patterns. + Technical Insight: Provides technical insight on incident analysis and management, threat mitigation and an ability to translate into platform requirements, partnering closely with software development teams. + Operational Rigor: Demonstrates exceptional operational rigor with real-world experience in cyber security operations, threat mitigation and incident response.Stakeholder Management: Manages critical stakeholder calls and meetings (including non-business hours) while addressing critical security incidents. + Security Knowledge: Possesses extensive hands-on knowledge of security concepts including cyber-attacks, techniques, threat vectors, risk management, and incident management. + Data Engineering & Management: Understand and administer data source access, availability, while proactively defining controls & policies to improve access and availability. + Embody our culture and values Qualifications Doctorate in Statistics, Mathematics, Computer Science, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), OR operations incident response OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR equivalent experience. Other Requirements: Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft CloudBackgroundCheck: + This position will be required to pass the Microsoftbackgroundand Microsoft Cloudbackgroundcheckupon hire/transfer and every two years thereafter. Preferred Qualifications u2022 8+ years of security operations work experience, with 5 years of experience collaborating with IR/SOC. u2022 Hands-on experience with Microsoft Kusto clusters (KQL), Azure Cosmos DB, Azure Access Control methods. u2022 Conduct root cause analysis and post-incident reviews. u2022 Assist in tuning and optimizing data source and data pipeline availability rules and alerts. u2022 Develop and maintain incident response playbooks and standard operating procedures (SOPs). u2022 Collaborate with IT, DevOps, and other teams to remediate vulnerabilities and improve security controls/policies. Security Operations Engineering IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year. Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations. (