Microsoft Senior AI Security Incident Responder 
United States 
312828522

30.07.2024

Required/Minimum Qualifications:

  • 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
    • OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
  • 5+ years of experience in information security incident handling and/or security operations.
  • Experience triaging security vulnerabilities and driving product and/or service response.

Other requirements:

  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screening: Microsoft Cloud Background Check. This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

  • Familiarity with AI models and how to prevent/detect/respond to security threats in AI/ML.
  • Working knowledge of common security concepts and protocols such as encryption, AuthN/AuthZ, PKI, modern authentication, and cloud app authorization architectures and protocols such as SAML or OAuth.
  • Expertise with Microsoft's line of security products: Microsoft Defender for Endpoint (MDE), Microsoft Defender for Office (MDO), Microsoft Defender for Identity (MDI), Microsoft Cloud App Security (MCAS), Azure Sentinel, Azure Security Center (ASC), etc.
  • Experience with big data and SIEM solutions such as ArcSight, Splunk, Elasticsearch, Logstash, Azure Data Explorer, Azure Log Analytics, Azure Data Lake, Azure Sentinel, etc.
  • Ability to work effectively in ambiguous situations and respond favorably to change
  • Comfortable working in a startup mode on a new team where there is lots of opportunity
  • Certifications such as GCIA, GSLC, GCIH, CISM, CISSP, CEH, etc. are a plus.
  • 3+ years working in cyber security (Information Security, InfoSec, SecOps, Security Operations, SOC, CSOC, analyst, researcher, etc.) field.
  • Familiarity with security response against active adversaries.
  • Experience working with analytics software, such as Power BI, to answer and illustrate complex problems.
  • Skilled working with SOAR toolsets.
  • Experience working with automation tools such as Logic Apps, Power Automate, and PowerShell.
  • Demonstrated ability to understand and communicate technical details, both verbally and written, to varying levels of audiences that may include C-level executives.
  • Ability to work collaboratively with engineering teams to drive architectural changes that improve the stability and security of each environment.
  • Hands-on experience with Continuous Integration/Continuous Delivery (CI/CD), Azure DevOps and Agile Scrum.
  • Demonstrated success in dealing with ambiguity and problem definition under timeline constraints.
  • An ability to work well under pressure while maintaining professionalism.
  • Exposure to security related subjects and trends such as digital forensics, reverse engineering, penetration testing, and malware analysis.
  • Ability to meet on call responsibilities periodically to support 24x7 operations.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until August 2, 2024.

Responsibilities
  • Perform cyber defense incident and/or vulnerability triage to determine scope, urgency, and potential risk impact.
  • Make high-stakes decisions that enable expeditious remediation of risk to protect customers and Microsoft.
  • Track and document cyber defense incidents from initial escalation through final resolution.
  • Provide tactical security decisions and coordinate enterprise-wide cyber defenders to resolve incidents.
  • Send timely and clear executive updates explaining the risk to customers and Microsoft.
  • Advise and validate customer notifications and/or authoritative security guidance for customers.
  • Conduct incident analysis and produce reports and briefs informing threat landscape trends and future investment areas to improve security.
Other:
  • Embody our and