Microsoft Senior AI Security Incident Responder 

United States 

312828522

Required/Minimum Qualifications:

• 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
• OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
• 5+ years of experience in information security incident handling and/or security operations.
• Experience triaging security vulnerabilities and driving product and/or service response.

Other requirements:

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

• Familiarity with AI models and how to prevent/detect/respond to security threats in AI/ML.
• Working knowledge of common security, encryption and protocols such as encryption, AuthN/AuthZ, PKI, modern authentication and cloud app authorization architectures and protocols such as SAML or OAUTH.
• Expertise with Microsoft's line of security products: Microsoft Defender for Endpoint (MDE), Microsoft Defender for Office (MDO), Microsoft Defender for Identity (MDI), Microsoft Cloud App Security (MCAS), Azure Sentinel, Azure Security Center (ASC), etc.
• Experience with big data and SIEM solutions such as ArcSight, Splunk, Elasticsearch, Logstash, Azure Data Explorer, Azure Log Analytics, Azure Data Lake, Azure Sentinel, etc.
• Ability to work effectively in ambiguous situations and respond favorably to change
• Comfortable working in a startup mode on a new team where there is lots of opportunity
• Certifications like GCIA, GSLC, GCIH, CISM, CISSP, CEH, Etc. are a plus.
• 3+ years working in cyber security (Information Security, InfoSec, SecOps, Security Operations, SOC, CSOC, analyst, researcher, etc.) field.
• Familiarity of security response against active adversaries.
• Experience working with analytics software, like PowerBI, to answer and illustrate complex problems.
• Skilled working with SOAR toolsets.
• Experience working with automation tools such as, logic apps, power automate, and PowerShell.
• Demonstrated ability to understand and communicate technical details, both verbally and written, to varying levels of audiences that may include C-level executives.
• Ability to work collaboratively with engineering teams to drive architectural changes that improve the stability and security of each environment.
• Hands-on experience with Continuous Integration/Continuous Delivery (CI/CD), Azure DevOps and Agile Scrum.
• Demonstrated success in dealing with ambiguity and problem definition under timeline constraints.
• An ability to work well under pressure while maintaining professionalism.
• Exposure to security related subjects and trends such as digital forensics, reverse engineering, penetration testing, and malware analysis.
• Ability to meet on call responsibilities periodically to support 24x7 operations.