Microsoft Senior Insider Threat Analyst - CTJ Top Secret 

Taiwan, Taoyuan City 

293322215

Required/Minimum Qualifications

• 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incidentresponse
  • ORBachelor's Degree in Statistics, Mathematics, Computer Science or related field.

Other Requirements

Security Clearance Requirements: Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

• The successful candidate must have an active U.S. Government Top Secret Security Clearance. Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. Failure to maintain or obtain the appropriate clearance and/or customerscreening requirements may result in employment action up to and including termination.
• Clearance Verification : This position requires successful verification of the stated security clearance to meet federal government customer requirements. You will be asked to provide clearance verification information prior to an offer of employment.
• Microsoft Cloud Background Check : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
• Citizenship & Citizenship Verification: This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customer and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport, or other approved documents, or verified US government Clearance

Preferred/Additional Qualifications

• 7+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
  • ORMaster's Degreeor Doctorate in Statistics, Mathematics, ComputerScienceor related field.
  • CISSP,CISA,CISM,SANS,GCIA,GCIH,OSCP, and/orSecurity+certification.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Identification and Detection of Control Failures

• Designs solutions to address identified control issues (e.g., network, identity, high security), taking intended and unintended consequences into account. Operationalizes and scales a program and solution appropriately. Identifies high priority opportunities and makes data-driven recommendations for efficiencies to improve security posture (e.g., streamline processes, automate). Assists team with technical acumen as needed.

Automation

• Recommends automation to improve effectiveness and efficiencies of security operations. Supports development and implementation of new automation. Provides automation and proactively proposes where investment will yield greatest efficiencies. Develops and implements solutions. Improves solutions over time.

Translate Security Policy and Standards into Effective Controls

• Contributes to security policy and standards. Maintains accurate and comprehensive security policy and standards. Designs mitigation strategies to addresses identified gaps in policy. Educates others (e.g., business partners, peers, industry) on security policy. Recognizes patterns and trends and recommends solutions for improvement. Recommends refinement of security policy and standards.

Collaboration

• Collaborates with internal and external parties to ensure service level agreement (SLAs) are reached when addressing threats. Supports development of requirements for solutions. Defines new requirements and feature sets.

Customer/Partner Experience

• Drives improvements in customer and partner experience by sharing best practices and interacting with customers. Ensures proper resources are engaged to address issue and prevent recurrence. Designs for the customer experience. Develops and implements metrics for customer satisfaction. Ensures alignment to customer and partner experience standards. Gathers future requirements directly from customers. Designs to maximize customer experience. Creates partnership and advocacy with customers. Educates business partners to influence behavior to make different decisions that enhance security posture. Defines customer and partner requirements, anticipates needs, and measures quality of experience.

Data-Driven Analysis

• Recommends mitigation strategies based on trends identified in the analysis of key metrics, key performance indicators (KPIs), and other data sources (e.g., bugs, unhealthy data pipeline). Defines and implements metrics to address gaps in measurement. Influences others to take action in response to findings, prioritized by severity.

Security Incident Response

• Independently analyzes prioritized attempted or successful efforts to compromise systems security. Recommends next steps and escalations to resolve. Develops response plans for new or nuanced issues. Devises mitigation steps. Provides guidance to limit exposure. Apprises leadership of status. Manages stakeholder communication appropriately. Conducts postmortem analysis. Helps others understand triage, analysis, and prioritization.

Monitoring and Detection

• Builds new detection capabilities. Researches new attacks and identifies trends to reduce noise in detections. Drives prioritization and resources required to address potential or actual intrusions identified as a result of monitoring activities. Drives automation of detection and response.

Red/Purple Team Operations

• Understands how weaponized code can be used in operations. Determines how tactical tools can be adopted to larger scale automation. Engages security assurance organizations to identify new Tools Tactics Procedures (TTPs) and leverages in breaches operations.

Threat Intelligence and Analysis

• Recommends potential detections and signatures for defense capabilities based on analysis and understanding of threat trends in the industry.

Other

• Embody our and