Senior Security Operations Engineer
 Microsoft | |
 United States, Washington, Redmond | |
 Nov 14, 2024 | |
|
OverviewAre you looking for a challenge that puts you at the center of the Microsoft Edge + Platform Security Fundamentals (EPSF) strategy? Are you passionate about solving the security challenges of critical online services? Are you passionate about defensive and offensive security? Microsoft's EPSF (Edge + Platform Security Fundamentals) team is responsible for securing some of Microsoft's largest and most influential online services in the Azure Edge & Platform (AEP) organization and Windows Devices organization (W+D). The EPSF Services Pentest (SERPENT) team needs a Senior Security Operations Engineer to increase our business partners' security posture. EPSF Security has a world-class security team that helps ensure a secure experience for millions of users worldwide. We primarily focus on offensive security and defensive security and work closely with multiple teams across the company to continually improve our operational awareness. Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
ResponsibilitiesThe primary responsibilities of this role include:* Security Incident ResponseIndependently analyzes prioritized attempted or successful efforts to compromise systems security; recommends next steps and escalations to resolve. Develops response plans for new or nuanced issues. Devises mitigation steps; provides guidance to limit exposure. Apprises leadership of status. Manages stakeholder communication appropriately. Conducts postmortem analysis. Helps others understand triage, analysis, and prioritization.* Identification and Detection of Control FailuresDesigns solutions to address identified control issues (e.g., network, identity, high security), taking intended and unintended consequences into account. Operationalizes and scales a program and solution appropriately. Identifies high priority opportunities and makes data-driven recommendations for efficiencies to improve security posture (e.g., streamline processes, automate). Assists team with technical acumen as needed.* AutomationRecommends automation to improve effectiveness and efficiencies of security operations; supports development and implementation of new automation. Provides automation and proactively proposes where investment will yield greatest efficiencies. Develops and implements solutions; improves solutions over time.* Monitoring and DetectionBuilds new detection capabilities; researches new attacks and identifies trends to reduce noise in detections. Drives prioritization and resources required to address potential or actual intrusions identified as a result of monitoring activities. Drives automation of detection and response.* Threat Intelligence and AnalysisRecommends potential detections and signatures for defense capabilities based on analysis and understanding of threat trends in the industry* Data-Driven AnalysisRecommends mitigation strategies based on trends identified in the analysis of key metrics, key performance indicators (KPIs), and other data sources (e.g., bugs, unhealthy data pipeline). Defines and implements metrics to address gaps in measurement. Influences others to take action in response to findings, prioritized by severity.* Penetration TestingUnderstands how weaponized code can be used in operations; determines how tactical tools can be adopted to larger scale automation. Engages security assurance organizations to identify new Tools Tactics Procedures (TTPs) and leverages in breaches operations * Other Embody our Culture & Values | |