Software Engineer II, Security - Threat Intelligence Center
Redmond, Washington
October 18, 2017
Are you interested in discovering and tracking emerging threats, and using that information to deliver detection to Microsoft and its customers? Do you want to be part of the team that provides security analysis services for products such as Office 365's Exchange Online Advanced Threat Protection? Do you like reversing malware? We’ll give you malware to analyze. Love coding? There’s plenty to write. Are you a data buff? Then this place is for you! Come join us at Microsoft Threat Intelligence Center (MSTIC) in C&E Security!

Microsoft Threat Intelligence Center (MSTIC) is looking for an experienced Security Engineer to join the Microsoft Global Research and Response Team. MSTIC is focused on countering adversary-based threats to Microsoft and its customers through production and dissemination of threat intelligence, proactive hunting and incident response, and the development of new tools and approaches to detect adversary activity.

Primary responsibilities:

• Research the advanced threat / exploitation landscape;
• Provide in-depth / FP / FN analysis for Office 365 Advanced Threat Protection service;
• Hunt for targeted attacks, 0-day exploits and new threats targeting Microsoft and customers;
• Implement rich security analysis and production quality detection capabilities in the cloud;
• Build and use automation in the cloud to scale-out impact;
• Generate quality technical reports/blog content on the research, trending threats and their detections.

Basic Qualifications:

• 3+ years of experience in Malware Analysis, Reverse Engineering
• 1+ years of experience in programming (C/C++/C# or Python) and understanding of data structures/algorithms.

Key skills and qualifications:

• BS in Computer Science or Computer Engineering, or at least 5+ years of comparable industry experience;
• Expert knowledge in intelligence analysis and reporting using common tools and techniques;
• Strong understanding of operating system and computer networking concepts;
• Experience in writing system and network based signatures (YARA, ClamAV, Snort);
• Experience with static and dynamic analysis tools, e.g. IDA Pro, debuggers (OllyDbg / Immunity, WinDbg);
• Strong data knowledge and the ability to analyze and present complex data visually in a meaningful way;
• Self-starter and able to deliver under stress, particularly in emergency response situations;
• Strong problem solving skills and technical judgment;
• Good communication skills and an eye for detail.

Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to

A little about us:
Microsoft offers training and employment opportunities to help you turn your military experience and skills into a civilian technology career.
