Enable America Jobs


Job Information

Microsoft Corporation Principal Security Response Engineer, Infrastructure in Multiple Locations, United States

With over 18,000 employees worldwide, the Microsoft Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of Microsoft’s end-to-end customer experience. Come join CE&S and help us build a future where customers come to us not only because we provide industry-leading products and services, but also because we provide a differentiated and connected customer experience.

The Microsoft Detection and Response Team (DART) is looking for a Principal Security Response Engineer, Infrastructure to join their collaborative team. This is a vital individual contributor role on the DART team, taking the lead in threat hunting and forensics to deliver cybersecurity investigations for our customers. You will work in a fast-paced, intellectually intense, service-oriented environment where collaboration and speed are key to our investigations.

The role is flexible in that you can work up to 100% from home; however, short-notice travel to work onsite alongside customers will likely be 40% or higher, as demanded by the needs of our customers and business. This position may require you to work a rotational on-call schedule, evenings, weekends, or holiday shifts. Though schedule changes are not frequent, you will need to have flexibility to accommodate changes as needed.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

Conducting Research

  • Identifies, conducts, and supports others in conducting research into critical security areas, such as competitor products, current attacks, adversary tracking, and academic literature. Partners cross-functionally (e.g., across disciplines, teams, or security versus non-security) to design solutions to prevent attacks. Designs lead to engineering projects. Investigates business critical security issues (e.g., root cause, motivation, and impact). Demonstrates role model behavior for others and drives priorities. Elevates findings appropriately to address and mitigate issues. Solicits feedback and evaluates results to incorporate into future research. Resolves differences across teams in how to pursue priorities. Aligns team outcomes with Microsoft goals and strategy. Drives perspective on priorities needed to advance business outcomes.

  • Works with others to synthesize research findings into recommendations for mitigation of security issues. Shares across organizations. Provides direction to teams conducting and summarizing research results. Follows up on recommendations as appropriate. Drives change within organization based on research findings. Contributes to professional community by publishing, advancing the Microsoft brand, creating and patenting IP. Develops sustained interaction with research partners (e.g., industry, academia, government). Balances value of dissemination over risk of divulging techniques.

  • Defines and collects the information that is needed and analyzes information to gain insight into and address complex security problems and threats. Works with others to incorporate findings into future designs and analyses (e.g. creates working groups). Sought by others for expertise. Demonstrates thought leadership. Influences direction and best practices across the organization. Leads, facilitates, and participates in industry and company-wide forums. Oversees creation and design of mitigations across multiple technologies and / or products. Drives product change to address systemic issues to mitigate and prevent recurrence. Anticipates previously unknown potential artifacts that could be present in data as indicators of attacker activity.

Solution Generation

  • Identifies, prioritizes, and targets security issues that require significant and complex mitigation. Creates and drives adoption of relevant mitigations. Drives strategic mitigation, appropriate response, and remediation for categories of issues and across product features. Develops guidelines, models, and best practices to enable teams to avoid common patterns of issues.

Orchestration

  • Helps to make connections and assists in developing agreements among groups to clarify priorities, dependencies, and provides coordination across groups. Advocates for key security issues and mitigations to teams and upper management. Autonomously drives coordination and collaboration across organizations. Leads or influences cross-organization internal or external collaboration in representing Microsoft's interests. Influences outcomes aligned to Microsoft strategy.

  • Protects tools, techniques, information, and results of security practices. Assesses efficacy of operational security (e.g., red-on-red pen testing). Develops new techniques to evaluate operational security. Teaches others to master techniques. Evangelizes security practices across the company.

Industry Leadership

  • Helps others by sharing expertise to identify potential security issues, tools, mitigations, and processes (e.g., architecture, failure modes, attack chain, threat modeling, vulnerabilities). Stays current in areas of expertise. Coaches and mentors others in multiple areas of expertise. Participates in conferences and industry events. Sets example for appropriate risk taking and ethical behavior.

  • Tracks advances within the industry, identifies relevant research, and adapts algorithms and/or techniques to develop new tools and automations. Leverages knowledge of work being done on team to propose future efforts. Proactively develops strategic responses to specific strengths, weaknesses, opportunities, threats, and/or trends. Serves as subject matter expert and role model for less experienced engineers.

Other

  • Embody our culture and values

Qualifications

Required/Minimum Qualifications

  • 7+ years of experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection

  • OR Doctorate in Statistics, Mathematics, Computer Science or related field.

  • 7+ years of project/program management experience: effectively managing multiple workstreams and resources during incidents, applying diagnostic expertise, providing guidance to other engineers working to mitigate and resolve issues, and maintaining a commitment to the quality of products and services throughout the lifecycle.

  • 5+ years of data analysis to generate trends.

  • 5+ years of technical documentation and executive presentation experience.

Additional or Preferred Qualifications

  • 8+ years of experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection

  • OR Doctorate in Statistics, Mathematics, Computer Science or related field.

Security Research IC5 - The typical base pay range for this role across the U.S. is USD $137,600 - $267,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $180,400 - $294,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications and process offers for these roles on an ongoing basis.

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html).
