Job Description :
Who we are:
We are the Security and Compliance (S+C) team; we are committed to defending Microsoft customers from cyber-attacks as well as providing sophisticated tooling for securing important data. S+C fosters an agile development environment, continuously gathering and analyzing data to combat evolving threats. Our mission is to help protect customers with truly innovative proactive protection, advise customers on emerging trends, and engage in valuable partnerships.
As the Research organization within S+C, it’s our job to stay one step ahead of malicious adversaries and predict the threats of the future. We work with partners across Microsoft to innovate new approaches for detecting and tracking threats, attacker techniques, their tools and infrastructure.
We are always learning. Insatiably curious. We lean into uncertainty, take risks, and learn quickly from our mistakes. We build on each other’s ideas, because we are better together. We stand in awe of what humans dare to achieve and are motivated every day to empower others to do and achieve more through our technology and innovation. Together we make a difference forall ofour customers, from end-users to Fortune 50 enterprises.What we build:
We build innovative security and data compliance products. Our security products are brought together in the. MTP enables Microsoft’s enterprise customers to detect, investigate, understand, and respond to advanced threats on their networks via a combination of behavioral sensors, cloud security analytics, and threat intelligence.
TheTeam is looking for threat hunters!No matter how sophisticated attacker behaviors become,(MTP)will help enterprises detect, investigate, and respond to advanced attacks and data breaches on their networks. Our team uses deep knowledge of the attacker landscape and rich telemetry from our sensors to perform root-cause analysis and generate custom alerts, ensuring thatMTP customers are well equipped to quickly respond to human adversaries identified in their unique environments.
Ensuring that no human adversary can operate silently begins with experts harnessing the powerful optics provided byMTP, across the attacker kill-chain, coupled with world-class detections. We’re looking for a skilled hunter to harness the power ofMicrosoft’s trillions of security signals to quickly identify and report the latest human adversary behaviors, drive critical context-rich alerts, build new tools and automations in support of hunting objectives, and drive innovations for detecting.
Who we are:
We are the Security and Compliance (S+C) team; we are committed to defending Microsoft customers from cyber-attacks as well as providing sophisticated tooling for securing important data. S+C fosters an agile development environment, continuously gathering and analyzing data to combat evolving threats. Our mission is to help protect customers with truly innovative proactive protection, advise customers on emerging trends, and engage in valuable partnerships.
As the Research organization within S+C, it’s our job to stay one step ahead of malicious adversaries and predict the threats of the future. We work with partners across Microsoft to innovate new approaches for detecting and tracking threats, attacker techniques, their tools and infrastructure.
We are always learning. Insatiably curious. We lean into uncertainty, take risks, and learn quickly from our mistakes. We build on each other’s ideas, because we are better together. We stand in awe of what humans dare to achieve and are motivated every day to empower others to do and achieve more through our technology and innovation. Together we make a difference forall ofour customers, from end-users to Fortune 50 enterprises.What we build:
We build innovative security and data compliance products. Our security products are brought together in the. MTP enables Microsoft’s enterprise customers to detect, investigate, understand, and respond to advanced threats on their networks via a combination of behavioral sensors, cloud security analytics, and threat intelligence.
TheTeam is looking for threat hunters!No matter how sophisticated attacker behaviors become,(MTP)will help enterprises detect, investigate, and respond to advanced attacks and data breaches on their networks. Our team uses deep knowledge of the attacker landscape and rich telemetry from our sensors to perform root-cause analysis and generate custom alerts, ensuring thatMTP customers are well equipped to quickly respond to human adversaries identified in their unique environments.
Ensuring that no human adversary can operate silently begins with experts harnessing the powerful optics provided byMTP, across the attacker kill-chain, coupled with world-class detections. We’re looking for a skilled hunter to harness the power ofMicrosoft’s trillions of security signals to quickly identify and report the latest human adversary behaviors, drive critical context-rich alerts, build new tools and automations in support of hunting objectives, and drive innovations for detecting.
- Exploreand correlatelarge data sets to uncover novel attack techniques, monitor and catalog changes in activity group tradecraft, and generate custom alerts for enterprise customers.Work with customer support teams to support investigationand responseduring an enterprise’s time of need.Collaborate with our data science and threat research teams to develop and maintain accurate and durable cloud-based detections.Build hunting tools and automations for use in the discovery of human adversaries.
Minimum requirements include:
- 5+years of experience ina technical role in the areas ofSecurity Operations,ThreatIntelligence,CyberIncidentResponse, or Penetration Testing/Red TeamAdvancedexperience using analysis tools (e.g. file/network/OS monitoring tools and/or debuggers)Advanced knowledge ofoperating systeminternals and security mechanismsExperience analyzingattacker techniques that leverage email and cloud-service tacticsSkilled working with extremely large data sets, using tools and scripting languagessuch as: Excel, SQL, Python, Splunk, andPowerBI
- Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvementsStrong ability to use data to ‘tell a story’
The following additional experiences are favorable, but not required:
- Technical BSdegree preferredin Computer Science, Computer Engineering,Information Security, Mathematics, or Physics
- 1+ years of experience developing software or tools using C++,C#,Python, Ruby, or similarExperience with reverse engineering,digitalforensics(DFIR)or incident response, or machine learning modelsExperience withsystem administrationin a large enterprise environment includingWindows and Linux servers and workstations, networkadministration, cloud administrationExperience with offensive securityincluding tools such as Metasploit,exploit development,Open Source Intelligence Gathering (OSINT),and designing ways to breach enterprise networksExperience with advanced persistent threats and human adversary compromises
- Additional advanced technical degrees or cybersecurity basedcertificationssuch as CISSP, OSCP,CEH,or GIAC certifications
Source link
