Microsoft Senior Security Investigations Analyst Taiwan, Taoyuan City 876185088
Required/minimum qualifications
- Bachelor's Degree in Statistics, Mathematics, Computer Science or related field
- OR 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response.
5+ years of experience working with adversary & cyber intel frameworks such as kill-chain model, ATT&CK framework, and Diamond Model.
3+ years' experience with big data and Security Information & Event Management (SIEM) solutions such as ArcSight, Splunk, ElasticSearch, Logstash, Azure Data Explorer, Azure Log Analytics, Azure Data Lake, or Azure Sentinel.
3+ years' experience working with extremely large data sets to answer complex and ambiguous questions, using tools and languages like: SQL, KQL, Jupyter Notebook, Spark, Azure Synapse, R, U-SQL, Python, Splunk, and PowerBI
Asstatedin the job posting, this position requires verification of citizenship or other protected status to meetlegalrequirements of the role. If the role requires US citizenship, as indicated in the job description, a valid US passport must be provided to verify your citizenship.Can you meet therequirementstatedin the job description?
- Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field
- OR 7+ years of experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and anomaly detection.
- CISSP CISA CISM SANS GCIA GCIH OSCP Security+
- Previous experience performing development and code debugging with functional or object-oriented programming such as .NET or Java.
- Expectation to learn new tools and techniques every day. - Good working knowledge of common security, encryption, and protocols such as encryption, PKI, modern authentication and cloud app authorization architectures and protocols such as SAML or OAUTH.
- Past experience working in large scale enterprise products: Azure or M365 products such as Exchange, SharePoint, Skype, Teams.
- Deep and practical OS security/internals knowledge for Linux and Windows.
- Exposure to security related subjects and trends such as digital forensics, reverse engineering, penetration testing, and malware analysis.
- Ability to rapidly automate data handling and data curation using PowerShell, Python, Azure Data Factory, and various Azure-based tools.
- Hands-on experience building Azure-based services with Azure Resource Manager (ARM), ARM templates, ARM policy, IaaS, VMSS, KeyVault, EventHub, Azure Active Directory (AAD), etc.
- Hands-on experience with Continuous Integration/Continuous Delivery (CI/CD), Azure DevOps and Agile Scrum.
- Certifications like GCIA, GSLC, GCIH, CISM, CISSP, CEH, etc. are plus
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:Microsoft will accept applications for the role until July 23, 2025.
Responsibilities
- Respond to and investigate sophisticated threats with information from a wide variety of sources, and ensure similar scenarios are prevented in the future.
- Perform forensic investigation on suspected compromised assets and analyze log data to determine what occurred.
- Collaborate with the team to create adversary eviction and incident remediation plans.
- Analyze and improve situational awareness, monitoring coverage, and incident response capabilities.
- Investigate, analyze and eradicate threats proactively.
- Design, develop, and deliver tooling to assist the investigative process and create technical documentation for other analysts and other teams to follow.
- Embody our Culture and Values
משרות נוספות שיכולות לעניין אותך
