Microsoft Cybersecurity Infrastructure Engineer 

United States 

284057871

Required/Minimum Qualifications

• 5+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science or related field
• 2+ years experience with Threat Actor containment during an incident, rapid recovery of critical infrastructure (primarily Active Directory rebuild and restoration), and eviction of a Threat Actor after an investigation
• 2+ years of Active Directory and associated components (Kerberos, NTLM, Group Policy, Backup and Disaster Recovery, DNS, AD tiering models,gMSAs)
• 2+ years of Entra ID and associated components (Conditional Access, Multifactor Authentication,PasswordlessAuthentication, Privileged Identity Management, Identity Protection, Entra ID Connect)

Additional or Preferred Qualifications

• 6+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
  • OR Doctorate in Statistics, Mathematics, Computer Science or related field
• Azure Resource Management, Azure Infrastructure as a Service (IaaS),Role Based Access Controls (RBAC), Subscriptions, Resource Groups, Management Groups
• Proficiencyin one or more query languages (KQL, SPL, SQL, etc.)
• Strong knowledge of at least two or more products in the Microsoft Defender365suite
• Experience with large scale orchestration and deployment of software usingdeployment tools such asSCCM, Intune,Ansible, Chef, Puppet, etc.
• Experience in PowerShell andbashscripting
• Experience with third-party security products, including but not limited to, Splunk, CrowdStrike Falcon,QRadar, etc.
• Experience with Microsoft Public Key Infrastructure (PKI) implementations, Active Directory Federation Services (AD FS)
• Understanding and working knowledge of the Linux and MacOS platforms
• Experience with two or more of Microsoft’s portfolio of Artificial Intelligence (AI) products such as Security Copilot, Bing Copilot,GithubCopilot, Office Copilot and Windows Copilot
• Understanding of DevOps, concepts such as Version Control, Infrastructure as code, CI/CD Pipelines, Frameworks, Configuration Management and Continuous Monitoring.
• Experience with management of virtualization platforms such as Hyper-V, VMware, etc.
• Experience with IP network management including routing, firewalls, access control lists, DHCP, packet analysis, and troubleshooting network traffic flow

Ability to meet Microsoft, customer and / or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter.

• Ability todeliver adversary containment and recovery efforts across multiple workstreams

• ilityto quickly build and execute a recovery plan as a response to large-scale impactful incidents involving ransomware and destructive adversarial campaigns

• Deploying forensic collection tooling across a wide range of complex environments

• potential threats – allowing for proactive defence before an actual incident

• Providing recommendations to improve cybersecurity posture going forward

• Performing knowledge transfer to prepare customers to defend against today’s threat landscape

• ing, analyzing, and summarizingsecurity threatsand response capabilities,sharing

• ying, conducting, and supportingothers in conducting research into critical security areas, such as current attacks, adversary tracking, and academic literature

• ingand documentingnew solutionsto mitigate security issues

• ingprioritization and validation methods for technical indicators,developstools to automate analyses

• Leads efforts to clean, structure, and standardize data and data sources; leadsdata qualityefforts to ensuretimelyand consistent access to data sources

Thought Leadership

This role includes the ability to be at the forefront of Microsoft Security thought leadership by:

• Developing written content for publication on Microsoft blog platforms

• Developing presentations for delivery at internal and external conferences

• Use the unique experiences of Microsoft Incident Response to create unique storytelling moments

Operational Excellence

Must be

• ingoperational tasks and readinesswithtimeliness and accuracy.

• ing

• ingbyexample and guiding