Job description

The Security Operations Engineering IC4 role at Microsoft involves the development and implementation of detection rules and signatures to identify and counteract cybersecurity threats. Candidates are expected to possess strong software engineering skills and a deep understanding of cybersecurity principles in order to safeguard Microsoft services at scale.

Responsibility

• Research, develop, implement, and maintain detection rules and signatures to identify potential threats and anomalies.
• Analyse security threats to M365 and build monitoring components to address those threats.
• Collaborate with threat intelligence teams to integrate threat data and enhance detection capabilities.
• Continuously improve detection methodologies and maintain up-to-date knowledge of emerging threats and attack vectors.
• Conduct regular reviews and tuning of detection systems to minimize false positives and ensure high accuracy.
• Develop and implement automation scripts and tools to streamline detection processes and improve efficiency.
• Utilize automation frameworks to automate routine tasks and workflows related to threat detection and response.
• Provide on call support and monitor the health of services in production as part of DevOps culture.
• Execute the Dev-Sec-Ops approach to software delivery by designing, coding, testing, deploying and operating components of Microsoft 365 security monitoring system.

Qualifications

• 8+ year of proven experience in researching and building detection and working with security information and event management (SIEM) systems.
• 5+ years of professional software engineering experience designing, building, and running cloud services at large scale in C#, .Net or any high-level programming language.
• Experience with automation tools and frameworks (e.g., Ansible, Puppet, Chef, Jenkins, LogicApps, CICD).
• Solid understanding of cybersecurity principles, threat landscapes, and attack methodologies.
• Familiarity with various log sources, data formats, and log analysis techniques.
• Excellent problem-solving skills and the ability to think critically and analytically.
• Strong communication skills and the ability to work effectively in a team-oriented environment.
• Self-learner with passion for technologies.
• Must know Secure by Design principles.
• Outstanding ability to communicate complex ideas and concepts to a variety of cross-group stakeholders.
• Strong organization skills, a bias for action, and ability to deliver results.
• Certifications such as CISSP, CEH, GCIH, or similar preferred.
• Proficient working knowledge of cloud-computing environments like Microsoft Azure, AWS, GCP - Azure preferred.
• Hands on experience in an object-oriented programming language such as C#, Java or Scala.
• Strong software design and problem-solving skills.
• Experience with modern software services engineering practices such as testing in production, live monitoring, data driven engineering.
• Experience with machine learning and data analysis techniques.
• Knowledge of other programming languages such as Python, Java, or JavaScript.