Senior Threat Intelligence Analyst

Microsoft Threat Intelligence is recruiting advanced threat hunters - with highly honed threat intelligence analysis skills. We are looking for a candidate that can work closely with enterprise security teams to identify and investigate nation-state threats and provide techniques to detect and track adversaries.

Responsibilities:

As a Senior Threat Intelligence Analyst , you will track sophisticated adversaries and use your technical knowledge of adversary capabilities, infrastructure, and techniques to enhance detections and provide actionable intelligence to partner teams . You will partner closely with the Digital Security and Resilience (DSR) team , the Cyber Defense Operation s Center (CDOC), and other security organizations at Microsoft to provide threat hunting methodologies and best practices . You will identify new data sources for threat hunting to fill gaps and increase visibility. In this role you will be responsible for collaborating with external stakeholders to conduct information sharing to further investigations and threat hunting.

Qualifications:

Required Qualifications:

• 5+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection

• OR Master's Degree in Statistics, Mathematics, Computer Science or related field.

• 5+ years tracking advanced persistent threat actors and enabling network and host defenses in organizations with demonstrable impact
• 2+ years supporting enterprise security partners on cyber espionage investigations
• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

• Proven ability to collaborate and establish key threat intelligence partnerships to bolster information sharing and defenses
• Extensive attribution experience creating threat groups, assessing connections between established threat groups, and communicating attribution assessments to internal stakeholders and customers in a timely manner
• A proven track record of surfacing threat actor intrusions previously undetected by defense teams and tool
• Experience with endpoint, cloud, network, and identity based attacks and datasets
• Excellent communication skills and investigative practices
• Ability to obtain a Top-Secret clearance as needed
• Python and scripting knowledge, Jupyter Notebooks
• Network penetration testing and intrusion remediation experience
• Experience with visualization tools

Security Research IC4 - The typical base pay range for this role across the U.S. is USD $112,000 - $218,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $145,800 - $238,600 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#MSFTSecurity