Expoint - all jobs in one place


Microsoft Senior Incident Response Engineer 
Italy, Lombardy, Milan 
783073512

20.11.2024


Required/Minimum Qualifications (RQs/MQs)

  • Native or excellent written and spoken Italian language skills
  • Minimum 2+ years Security Incident Response experience with recent operational security experience (SOC, Malware Analysis, IDS/IPS Analysis, threat analytics, Windows Server, and endpoint security, etc.)
  • Minimum 2+ years Cloud investigations experience with Entra ID, Microsoft 365 and Microsoft Defender solutions
  • Minimum 1+ years customer facing experience
  • Experience supporting large and complex geographically distributed enterprise environments with 1000+ users
  • Minimum 1+ years of experience in Network Security Administration, and/or Systems Administration with experience in Windows Server, Windows Client, and Active Directory Administration
  • Bachelor's degree in Computer Science, Information Technology (IT), or related field AND 5+ years of technical support, technical consulting experience, or information technology experience

Additional or Preferred Qualifications (PQs)

  • Experience in Entra ID and Microsoft 365 management and troubleshooting
  • Experience with any Microsoft Defender solutions
  • Experience in Azure Identity management and troubleshooting
  • Kusto Query Language knowledge
  • Cloud experience with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments
  • Automation (PowerShell and/or Python, Java, or a similar language; beginner to intermediate level is acceptable)
  • Preferred IT Industry certifications (Microsoft Certifications On-Prem or Cloud, SANS GCIH, CISSP, CEH, Amazon AWS, etc.)
  • Preferred Bachelor’s degree or higher in a technical field, or relevant work experience
  • Experience in Linux and/or Mac administration

Language Qualification


Italian Language: fluent in reading, writing and speaking.

English Language: fluent in reading, writing and speaking.


Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Responsibilities:

  • Scope customer security incidents
  • Understand and identify indicators of attack and indicators of compromise
  • Analyse incident data from threat analytics tools
  • Collaborate with the Security and Threat Intelligence teams by providing indicators of compromise and samples of malware from the customer’s environment
  • Coordinate a response to the security incident with other Microsoft security and consulting teams.
  • Develop, document, and implement runbooks, capabilities, and techniques for Incident Response
  • Perform security triage and analysis on endpoint, server and network infrastructure.
  • Perform activities necessary for immediate containment and short-term resolution of incidents.
  • Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities
  • Investigate root cause of complex security incidents
  • Maintain a high level of confidentiality
  • Participate in the on-call rotation as required