Empower every person and organization on the planet to achieve more. That’s what inspires us, drives our work, and pushes us to challenge the status quo every day.
Security is a top priority for Microsoft because it is a top concern for our customers. Microsoft’s Security and Compliance team has invested deeply to build strong first-party security capabilities across Microsoft 365.
We power protection of tens of millions of users across products like Office 365, Outlook, Microsoft Threat Protection, Mobile Threat Detection, Edge, and more.
The fight against cybercrime requires defenders to be adaptive and responsive to the rapidly evolving threat landscape. To protect our customers from an adaptive adversary and help them manage complexity in the cyber operation, we in turn need to innovate.
Our threat intelligence team is critical to our innovation cycle, correlating product signals and curating actionable threat intelligence insights.
We are seeking a Threat Analyst to join our threat intelligence team. In this role, you will drive innovative investigations to understand the latest in web and email-based attacks and the adversaries behind them, while working with a diverse team of world class data scientists, security researchers, applied researchers, engineers, and internal & external partners to empower our customers to communicate & browse with confidence and trust.
As a Threat Intelligence Analyst, you will be responsible for:
Authoring intelligence reports and analysis for cyber security stakeholders across Microsoft, our external partners, and our customers.
Analyzing massive data sets to uncover and document attacker campaigns and drive broad product protections.
Tracking adversary activities to develop attacker tradecraft and support durable detection innovations.
Partnering across Microsoft to drive advances in threat detection and tracking adversaries, techniques, tools, and infrastructure.
Innovating on operating processes to gain efficiencies and improved customer protections.
Making good, timely, and practical decisions with uncertainty on a consistent basis.
Required Qualifications:
2+ years of experience in Threat Intelligence, Incident Response, IT Security, malware analysis, offensive security, tracking cyber threats, or a related domain
1+ years of experience querying, analyzing, and drawing intelligent conclusions from large data sets
Experience driving efficient and thorough investigations
Excellent verbal and written communication skills in English, with substantial experience explaining your research through reports and/or presentations
Preferred Qualifications:
Insatiable curiosity to learn about attacker patterns and behaviors, with a drive to build innovative detections and protections.
In-depth security research experience with long running campaigns or attacks, with demonstrated security report or blog publication.
Functional understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK and experience using them to track attacks related to phishing and web-based threats.
Familiar with email headers, email/web security protocols, and related analysis tools.
Experience authoring and interacting with big data solutions to pull and analyze data using tools and languages like SQL, Python, Splunk, KQL, Jupyter Notebooks, and Power BI.
Experience working through ambiguity to drive innovations in detections and internal team processes.