Senior Incident Response Engineer

Interested in security and incident response? Then come join the Cybersecurity Incident Response Team (CIRT) at Microsoft as a Senior Incident Response Engineer responsible for helping customers investigate security incidents in their environment.

With over 18,000 employees worldwide, the Microsoft Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of Microsoft’s end-to-end customer experience. Come join CE&S and help us build a future where customers come to us not only because we provide industry-leading products and services, but also because we provide a differentiated and connected customer experience.

Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we help customers and partners resolve their issues quickly, prevent future problems from occurring, and demonstrate new ways to achieve more from their Microsoft investment.

As a Senior Incident Response engineer, you will be an elite member of a customer facing security support team leading incident response investigations for Microsoft’s enterprise customers. You have experience in analysing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents. You are familiar with collecting and analysing security incident related data to identify indicators of attack and compromise.

In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Senior Incident Response Engineer you will own, troubleshoot and solve highly complex customer technical issues. This opportunity will allow you to accelerate your career growth by honing your problem-solving, collaboration and research skills, and developing your technical proficiency.

This role is flexible in that you can work up to 100% from home.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities:

• Scope customer security incidents
• Understand and identify indicators of attack and indicators of compromise
• Analyse incident data from threat analytics tools
• Collaborate with the Security and Threat Intelligence teams by providing indicators of compromise and samples of malware from the customer’s environment
• Coordinate a response to the security incident with other Microsoft security and consulting teams.
• Develop, document, and implement runbooks, capabilities, and techniques for Incident Response
• Perform security triage and analysis on endpoint, server and network infrastructure.
• Perform activities necessary for immediate containment and short-term resolution of incidents.
• Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities
• Investigate root cause of complex security incidents
• Maintain a high level of confidentiality
• Participate in the on-call rotation as required