Microsoft Corporation

Job Details

Senior Threat Analyst

at Microsoft Corporation

Posted: 11/16/2019
Job Reference #: 745289
Keywords: analyst

Job Description

  • Job location: US-WA-Redmond
    Date posted: 3 weeks ago (11/15/2019 6:10 PM)
    Job number
    Job category: Software Engineering
    Employment type
    Role type: Individual Contributor
  • Overview

    Are you interested in working on the cutting edge of enterprise security products? Do you want to combat evolving, advanced security threats? Do you want to help shape intelligence and analytics systems powering one of the most advanced security products Microsoft offers today?

    Microsoft Defender Advanced Threat Protection (MDATP) is the security service that enables Microsoft’s enterprise customers to detect, investigate, and respond to advanced threats on their networks via a combination of endpoint behavioral sensors, cloud security analytics and threat intelligence.

    The MDATP research team is looking for a deeply technical and passionate threat analyst who is interested in working on an emerging product in a fast-paced startup style environment to deliver security research in the form of an intelligence service that ships continuously.


    In this role, you will work with partners across Microsoft to innovate new approaches for detecting and tracking threats, attacker techniques, and their tools and infrastructure. You will use threat research and data science to not only enhance our optics and capability but also hunt for real cyber threats while producing intelligence reports and analysis for cyber security stakeholders across Microsoft, our external partners, and our customers.


    Required Qualifications

    • 3+ years of professional experience tracking cyber threats and leveraging intelligence on attacker methodology, tools, and infrastructure.

    Preferred Skillsets and Experience:

    • Excellent communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios.
    • Experience in security research, incident response and attacker tradecraft.
    • Experience working with extremely large data sets, using tools and scripting languages like Excel, SQL, Python, Splunk, and PowerBI.
    • Experience working closely with threat intelligence analysts to understand their workflow and analytic problems and turning those into large-scale analytics.
    • Demonstrated capability to analyze and coherently present complex threat intelligence information in a meaningful way.
    • Experience working with detection methodologies across multiple platforms.
    • Ability to utilize attacker uptake and impact to prioritize security detection and remediation tasks.
    • Deep and practical OS security/internals knowledge.
    • Understanding of network protocols and analytical experience with network infrastructure data & telemetry.
    • Reverse-engineering with static and behavioral binary analysis experience.
    • Functional understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK.
    • Programming or scripting background (Python, PowerShell, C#, C++, etc.) is a plus.

    Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

    Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.