Senior Service Engineer

Core Services Engineering builds and manages the critical products and services that Microsoft runs on. We boldly pursue big ideas that power transformational advances at Microsoft and for our customers, while helping Microsoft teams work smarter, faster and more securely every day. Core Services Engineering employees have deep technical and business expertise, customer insights, and a clear point of view that comes from first-hand, large-scale experience with Microsoft and industry solutions. We are engineers, technology leaders and experts, digital transformation change agents, and customer advocates. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!

If you get excited about researching and analyzing information security threats and using analytical techniques to help influence strategic decisions, reduce risk in an increasingly complex and dynamic environment, and prioritize operational actions, then you may be the right candidate for Digital Security and Risk Engineering’s Security Intelligence Team. We are looking for a security intelligence analyst that has the experience to conduct analysis across a wide set of security and identity-based signals in a hybrid cloud and on-premise environment. The Digital Security and Risk Engineering Intelligence program is responsible for bringing data together from a wide variety of internal and external data sources using a framework that provides the context and relevance needed to help identify, prioritize, and mitigate threats and reduce risk across the enterprise.

A successful candidate will have deep experience in the information security field and the ability to provide detailed and accurate analysis of technical telemetry at cloud scale, understand and apply business context, and effectively communicate to customers and executive leadership with variable levels of technical understanding. The successful candidate will be able to use a variety of analytical tools and techniques across relational data, big data, and machine learning models.

Key responsibilities:
- Research, identify, prioritize, and analyze preventive and detective use cases that will help identify threat trends and anomalies impacting the company
- Work with engineering teams to get additional data sources integrated into our data lake
- Support data science activities to help identify the outcomes, algorithms, models, and calculations needed for each use case
- Analyze and provide feedback on machine learning outputs to reduce the time required to get to fully supervised models
- Provide analytical intelligence support to internal security incidents
- Contribute to the curation, dissemination, and life cycle management of operational threat intelligence for Microsoft’s Cyber Defense Operations Center
- Help generate intelligence products using a variety of data visualization techniques

Knowledge, experience and skills:
• Strong analytic skill and demonstrated ability to bring complex data together to answer security, identity, and operational risk related questions
• Deep understanding of cyber threat attack vectors, how they are used, and methods to detect and mitigate them at the network, host, application, and identity layers
• Strong understanding of mitigation and monitoring capabilities (Firewalls, Intrusion Detection Systems, Log Analysis, anti-malware, SIEM etc.) and how they help prevent and detect attacks
• Demonstrated ability to analyze security and identity event streams and conduct log analysis on signals from on premise and cloud workloads
• Understanding of risk management techniques and frameworks
• Experience with business intelligence and analysis tools like Tableau, PowerBI, Maltego, Analyst Notebook, and Excel
• Experience with SQL and the ability to query relational databases.
• Experience with Hadoop and GraphDBs a plus
• Demonstrated ability to lead multiple complex analysis efforts with minimal guidance and supervision
• Ability to mentor and aid in the development of junior analysts across the team

Basic Qualifications:
• 7+ years of work experience in the information security field
• Education: B.S. degree in Computer Science, Computer Information System, Math, Engineering, Business, or technical discipline

Preferred Qualifications:
• 5+ years of experience conducting security analysis, preferably in direct support of security or identity operations
• 3+ years of experience supporting information security incidents and investigations
• 3+ years of experience working with big data and cloud infrastructure
• CISSP, CEH, SANS certifications, Microsoft technology certifications and other security certifications a plus

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to #DSRE