Senior Threat Intelligence Analyst - Top Secret - CTJ

We are looking for a Senior Threat Intelligence Analyst to join our National Security and Trust (NST) team. Security represents one of our highest priorities in a world of increasing threats. Microsoft is proud to have the opportunity to serve our government and offer an opportunity for you to do the same. Reporting to the Director of Threat Management the Threat Analyst will work collaboratively with Microsoft’s Customer Security, Trust (CST), Corporate, External, and Legal Affairs (CELA), and Digital Security and Resilience (DSR) teams to identify and mitigate threats to the company and our customers. 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. 

Required/Minimum Qualifications

• Bachelor's Degree in Business, Operations, Finance or related field AND 4+ years work experience in program management, process management, process improvement
  • OR equivalent experience.
• 6 + years of insider threat. 
• Demonstrated knowledge of the minimum U.S. Government standards for insider threat programs.   

Other Requirements

The successful candidate must have an active U.S. Government Top Secret Security Clearance.  Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. Failure to maintain or obtain the appropriate clearance and/or customer screening requirements may result in employment action up to and including termination.

Clearance Verification: This position requires successful verification of the stated security clearance to meet federal government customer requirements. You will be asked to provide clearance verification information prior to an offer of employment.

Cloud Screening: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Citizenship & Citizenship Verification: This position requires verification of U.S citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport, or other approved documents, or verified US government clearance.

Preferred Qualifications

• Relevant certifications: ITPM, CISSP, CISM, CRISC, etc. 
• Familiarity with current technology industry trends and cybersecurity challenges.  
• Demonstrated knowledge and application of industrial security policies and regulations including Intelligence Community Directives (ICD) and the NISPOM (CFR Part 117) related to insider threat. 

Business Program Management IC4 - The typical base pay range for this role across the U.S. is USD $94,600 - $183,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $122,000 - $200,500 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:    

Microsoft will accept applications for the role until January 16, 2025

Analyzing, assimilating, and evaluating all available suspicious activity, threat, and intelligence information collected.  

Experience in analyzing high volumes of logs, network data, and other artifacts, as well as understanding and analyzing emergent computer, telecommunications, biometric, or geospatial technology threats.  

Written composition ability, professional oral briefing skills and rigorous attention to detail. 

Work with case management software and open-source intelligence (OSINT) collection tools to support investigations and threat assessments. You will leverage these tools to collect, analyze, and manage data, ensuring comprehensive and accurate threat analysis.  

Perform research and analysis of companies and individuals to identify patterns, concerns, or threats aiding in efforts to identify foreign intelligence entities and other adversarial threats to Microsoft equities. 

Produce analytic products summarizing trends and threats from foreign entities to support Microsoft organizations. 

Within policy and law, and in collaboration with stakeholders to monitor previously assessed companies for new or developing foreign ownership, control, or influence (FOCI) concerns. 

Provide analytical support to Microsoft internal entities in support of related investigative and national security efforts. Identify trends and actions of intellectual property theft and technology transfer and provide informational briefings outlining findings to facilitate the efforts to prevent such theft / loss. 

Identify access and threat vectors commonly exploited by foreign intelligence, or other adversaries, to target technology companies and associated supply chains and subsequently provide informational briefings and other analytical products in support of the risk mitigation efforts, as needed. 

Produce and publish analytical products for leadership/internal customers, and partners. 

Conduct counterintelligence assessments on potential vendors and proposals to identify potential foreign ownership, control, or influence, cybersecurity, and regulatory risks. 

Collaborate with internal and external stakeholders, such as program managers, analysts, and other relevant parties to ensure that counterintelligence assessments are conducted in a timely and effective manner. 

Maintain up-to-date knowledge of relevant laws, regulations, and industry best practices related to counterintelligence, FOCI, cybersecurity, and regulatory risk. 

Report recommendations and inputs to the Analysis Lead. 

Develop and coordinate procedures for assessing incoming requests, prepare analytical reports, make assessments, and manage case closures.