Sr. Security Engineer

  • Company: Microsoft
  • Location: Redmond, Washington
  • Posted: November 14, 2017
  • Reference ID: 1080569
Do you have a passion for security, and are you excited about impacting some of the largest and most complex security challenges Microsoft is involved with today in hosting petabytes of business-critical customer data? We’re looking for a Security Service Engineer with the right mix of technical depth, engineering background, on-line services experience and cross-org collaboration skills to help grow and protect our Office 365 Cloud service offering.

Office 365 is at the center of Microsoft’s cloud first, devices first strategy as it brings together cloud versions of our most trusted communications and collaboration products like Exchange, SharePoint, Yammer, and Skype/Teams with our cross-platform desktop suites and mobile apps. Our customers depend on our services to run their organizations, whether that is a Fortune 500 company, a small business, a non-profit, or an educational institution. You pass by dozens of our customers on your drive to work every day! Those customers trust us with their most critical data and we honor that trust with continuous investment and improvement in the security of our services.

Almost daily, news headlines report on organizations that have fallen victim to hackers of all stripes. Attackers are increasingly sophisticated, and even share technologies and expertise with each other in underground marketplaces. As a cloud service provider, it isn’t enough to “keep the lights green” or simply to “make sure our patches are up to date”. Cloud-scale, enterprise-grade security demands continual, relentless examination of our code, our configurations, our processes, and ourselves. As a Security Service Engineer, you will work closely with other cloud and security experts across Microsoft to enable sophisticated response capabilities, proactively hunt for compromise, improve and automate processes and administration tools, and contribute your experience and expertise to countless other projects that enhance the security and scalability of our service.

Core Responsibilities:
• Analyze and improve overall service situational awareness, monitoring coverage, and incident response capabilities.
• Detect and respond to sophisticated threats with information from a wide variety of sources (Windows logs, agent logs, device logs, etc.).
• Drive security enhancements at the application, host, infrastructure, and architecture levels to improve detection, response, and remediation.
• Coordinate with a broad community of internal and external business partners and security teams at a deeply technical level.
• Proactively hunt the environments, looking for threats and driving them out of the system while ensuring those scenarios are detected/prevented in the future.


Basic Qualifications:
• 3+ years of hands-on experience in security investigations, threat detection & analysis, security program management, and/or incident response.


Preferred Qualifications:
• Bachelor’s degree or equivalent industry experience.
• Experience with security events (including large-scale breaches) is a must, as is the ability to identify themes and trends out of large datasets.
• Strong working knowledge of security concepts such as encryption, public key infrastructure (PKI), transport layer security, HIDS/NIDS, and multi-factor authentication.
• Awareness of modern security-related subjects and trends such as Advanced Persistent Threats (APT), digital forensics, malware behavior, phishing, pass-the-hash techniques, threat modeling, and penetration testing/ethical hacking.
• Ability to work collaboratively with the Engineering teams to drive architectural changes throughout the environments to improve stability of each environment.
• Demonstrated success in dealing with ambiguity and problem definition under timeline constraints.
• Strong comprehension of security trends, emerging threats and calculating risk to recommend/take proper courses of action.
• Experience in some of the common forensic toolsets, such as FTK, EnCase, KANSA, Mandiant RedLine, Volatility, etc., and their application in incident response.
• Experience with cloud-hosted services, web-based applications, and server/service management features.
• Relevant industry certifications (CISSP, Cisco, GIAC, etc.) a definite plus!
• Demonstrated ability to understand and communicate technical details with varying levels of management.
• Strong scripting and/or coding skills (PowerShell, Python, C#, etc.).


Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:
- Microsoft Cloud Background Screen
- ITAR US Citizenship Verification

Candidates must be able to meet customer security screening requirements as indicated for this role. Customer screening requirements may include additional items such as, but not limited to: specialized agency background checks (either national or local) and fingerprinting. All employees hired into roles supporting Cloud Offerings will also be required to pass Microsoft background checks prior to the start of employment and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, gender, sexual orientation, gender identity or expression, religion, national origin, marital status, age, disability, veteran status, genetic information, or any other protected status.
