Senior Threat Analyst
at Microsoft Corporation
- Job number
- Job category: Software Engineering
- Employment type
- Role type: Individual Contributor
Are you interested in working on the cutting edge of enterprise security products? Do you want to combat evolving, advanced security threats? Do you want to help shape intelligence and analytics systems powering one of the most advanced security products Microsoft offers today?
Microsoft Defender Advanced Threat Protection (MDATP) is the security service that enables Microsoft’s enterprise customers to detect, investigate, and respond to advanced threats on their networks via a combination of endpoint behavioral sensors, cloud security analytics and threat intelligence.
The MDATP research team is looking for a deeply technical and passionate threat analyst who is interested in working on an emerging product in a fast-paced startup style environment to deliver security research in the form of an intelligence service that ships continuously.
In this role, you will work with partners across Microsoft to innovate new approaches for detecting and tracking threats, attacker techniques, and their tools and infrastructure. You will use threat research and data science to not only enhance our optics and capability but also hunt for real cyber threats while producing intelligence reports and analysis for cyber security stakeholders across Microsoft, our external partners, and our customers.
- 3+ years of professional experience tracking cyber threats and leveraging intelligence on attacker methodology, tools, and infrastructure.
Preferred Skillsets and Experience:
- Excellent communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios.
- Experience in security research, incident response and attacker tradecraft.
- Experience working with extremely large data sets, using tools and scripting languages like Excel, SQL, Python, Splunk, and PowerBI.
- Experience working closely with threat intelligence analysts to understand their workflow and analytic problems and turning those into large-scale analytics.
- Demonstrated capability to analyze and coherently present complex threat intelligence information in a meaningful way.
- Experience working with detection methodologies across multiple platforms.
- Ability to utilize attacker uptake and impact to prioritize security detection and remediation tasks.
- Deep and practical OS security/internals knowledge.
- Understanding of network protocols and analytical experience with network infrastructure data & telemetry.
- Reverse-engineering with static and behavioral binary analysis experience.
- Functional understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK.
- Programming or scripting background (Python, PowerShell, C#, C++, etc.) is a plus.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.