Cloud Cyber Security Operations Analyst - Microsoft

Are you enthusiastic about solving problems in the threat detection and security response space? Are you interested in challenges within Cloud Computing space? Does protecting over 1 billion customers and making the cyber world a better place for everyone sound exciting? If so, this may be an ideal opportunity for you.

Azure Cloud Security and the Microsoft Security Response Center team (MSRC) are looking for motivated, security professionals to join our team. As the company accelerates its transformation into a cloud-first world, there has never been a more exciting time to be part of Azure Cloud Security. The Security Operations Center (SOC) within the Azure Cloud Security is the front line that defends the customers of Microsoft's Cloud platform and online services.

Role Overview

Microsoft is looking for a SOC analyst to join its United States (Redmond) based SOC. The core responsibility is to perform triage, analysis and investigations in response to security alerts, which includes analysis, digital forensics and data analytics. In addition to identifying trends to assist other orgs with remediation of possible security issues within a product or service. Your passion for finding creative approaches for security problems will shine as you gather evidence and build a picture about what transpired during your investigations. You will be responsible for fusing multiple sources of evidence to determine how a security incident occurred and what steps need to transpire to remediate it. You will also be responsible for building capabilities that close information gaps, strengthen our cloud defenses and defend customers from emerging security threats. The SOC is a fast-paced team that constantly provides new opportunities to learn and grow. This role may include the need to work outside of core hours on high priority investigations and may also include on-call responsibilities.

Responsibilities:  

• Prioritise alerts and issues and perform triage to confirm security incidents
• Performing analysis on true positive alerts to determine root cause and impact
• Collaborate with teams to create and potentially execute incident mitigation and remediation plans
• Evaluate security risks and their impact to the Microsoft Cloud platform and its online services 
• Create technical documentation for other analysts and teams to follow
• Support cross company incidents and crisis
• Review detections for tuning opportunities

Working Patterns:

• Projected work hours 10:00 AM PST to 6:30 PM PST
• Shift work: Weekends and national holidays will be required on a rotational basis

Required Skills:

• Experience in working in a Security Operation Center
• Experience in a technical support/helpdesk environment and knowledge of cyber security

Desired Skills:

• Any of the following: CompTia Security +, GIAC; GCIA ,GCIH, GCFE, GCFA
• Experience in managing security incidents that involve privacy (GDPR)
• A degree in an applicable subject, such as; Cyber Security or Computer Science.
• Experience in responding to, investigating, and recovering from compromise and data breach events
• Experience working with Logic Apps and Jupyter notebooks
• Knowledge of cloud environments

• Previous experience performing Digital Forensics and Incident Response (DFIR)
• Experience and/or understanding of Azure, or Azure certifications

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter. 

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.