Security Analyst

OverviewSecurity represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. The Cloud & AI organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world. Microsoft Cyber Defense Operations is seeking a Security Analyst to join our team. In this role, you'll collaborate with security experts across Microsoft to investigate threats, proactively hunt for compromise, enhance and automate processes, and contribute your expertise to initiatives that strengthen the security and scalability of our services. You'll be part of a team focused on identifying emerging threats, coordinating large-scale responses, and driving investigations that protect our customers. This is a unique opportunity to work in a high-impact environment where your contributions directly support the security of Microsoft's cloud platform and online services. The Security Analyst will be passionate about strengthening defenses and protecting customers from evolving threats. If you're driven by the mission to protect and innovate, this role offers continuous opportunities to learn and grow.Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

ResponsibilitiesAutomationIdentifies and raises opportunities for automation to improve efficiency and effectiveness. Creates automation as appropriate to drive greater efficiency with high value.CollaborationWith minimal guidance, works with internal and external parties to push solutions to the environment to address threats.Customer / Partner ExperienceMaintains standards for customer and partner experience. Responds appropriately to customer and partner issues and engages others as needed for resolution. Drives improvements. Identifies trends in customer and partner experience. Recommends improvements. Advocates for customer needs to drive optimal customer experience. Defines customer and partner requirements, anticipates needs, and measures quality of experience.Data-Driven AnalysisAnalyzes key metrics and key performance indicators (KPIs) and other data sources (e.g., bugs, unhealthy data pipeline) and identifies trends in security issues and escalates appropriately. Recommends improvements and / or metrics to address gaps in measurement. Leverages multiple sources of data in conducting and interpreting analysis. Evaluates data sets for anomalies and other patterns.Identification and Detection of Control FailuresProactively identifies and investigates potential issues in controls (e.g., network, identity, high security). Leverages expertise and team members to address and drive down issues accordingly. Identifies and / or recognizes patterns and recommends potential mitigation strategies. Finds opportunities to leverage and contribute to the internal Microsoft community.Monitoring and DetectionIdentifies potential issues with detection (e.g., false positives, noise). Engages others to escalate appropriately. Analyzes potential or actual intrusions identified as a result of monitoring activities. Creates detections based on available data (e.g., Indicators of Compromise [IOC] and Tools Tactics Procedures [TTP]). Continues to drive automation of detection and response.Red / Purple Team OperationsDrives processes across kill chain. Evaluates tactics for effectiveness and to inform security posture. Organizes and contributes to Red Team reports and issue tracking.Security Incident ResponseWith minimal guidance, analyzes attempted or successful efforts to compromise systems security. Identifies potential next steps to resolve. Works with partner teams on recommendations to limit exposure. Implements appropriate response plans. Continues to develop ability to analyze independently and make recommendations. Influences others to take action.Threat Intelligence and AnalysisIdentifies potential threats based on external trends and recommends prioritization for defense-building capabilities.Translate Security Policy and Standards into Effective ControlsImplements security policy and standards for the service. Escalates issues and recommends mitigations accordingly. Identifies gaps in security policy and administration and recommends mitigation strategies. Engages with other teams to drive consistency and awareness of security policies and standards. Educates others (e.g., business partners, peers) on security policy.Embody our culture and values