Senior Security Engineer

Microsoft

Redmond, WA

Industry: Technology

5 - 7 years

Posted 32 days ago

This job is no longer available.



Responsibilities:

In this role you will be responsible for supporting threat intelligence analysts by creating tools and software to enable identifying and tracking sophisticated adversaries.

  • Work with analysts by observing gaps and opportunities to provide efficiencies in the data
  • Provide feedback to PMs that have long term planning of tool development
  • Define, develop, and implement tooling and techniques to both discover and track adversaries of today and identify the attacks of tomorrow.
  • Develop software to support triage and analysis of datasets and information associated with APT activity and behavior as well as APT artifact analysis.
  • Build tooling to decode data to enable analysts to understand and mitigate a threat
  • Partner with other groups to better enable security analysis scenarios



Qualifications:

Required Qualifications:

  • 5+ years of professional software development lifecycle experience in C#, C++, and/or Python
  • 5+ years working with products and services to improve security for customers
  • 2+ years working with big data technologies (Cosmos, Hadoop, Azure Data Lake, etc)

Preferred Qualifications:

  • Experience with development involving extraction/manipulation/summarization of security logs and feeds
  • 2+ years of experience correlating across very large and diverse datasets (ADE, Azure Data Lake, )
  • 2+ years working with SQL-based databases
  • Experience working closely with threat intelligence analysts to understand their workflow and analytic
  • Applied knowledge of adversary phases of operation, particularly how to work across the phases in order to uncover new intelligence.
  • Knowledge across critical elements and common data types used in threat intelligence analysis, including:
      • malware used in targeted adversary campaigns
      • host and log forensics
      • network forensics
  • Experience supporting incident response


627717