Microsoft Corporation Security Engineer II in Atlanta, Georgia
Cloud Operations and Innovation (CO+I) is the engine that powers Microsoft's cloud services. The team is responsible for designing, building and operating our unified global datacenters; managing the demand planning and capacity utilization of our unified infrastructure; and carrying out all of the operations needed to run the physical infrastructure (including supply chain, hardware, power, security, and workflow teams). We focus on smart growth with an emphasis on automation, data-driven engineering, cost-effectiveness, and environmental sustainability.
We deliver the core infrastructure and foundational technologies for Microsoft's over 200 online businesses including Bing, MSN, Office 365, Xbox Live, Skype, OneDrive and the Microsoft Azure platform. Our infrastructure is comprised of a large global portfolio of more than 100 datacenters and over 1 million servers. Our portfolio is built and managed by a team of subject matter experts working 24x7x365 to support services for more than 1 billion customers and 20 million businesses in over 90 countries worldwide.
This core infrastructure is a target for cyber criminals, hacktivists, and nation-state adversaries that seek to bring harm to our businesses, customers, and staff. Holding the line against these threats is the Datacenter Cyber Defense and Industrial Networking team! We are Microsoft’s industrial strength security team!
With a focus on safety, resiliency, and recovery, the Datacenter Cyber Defense and Industrial Networking team is responsible for fielding and operating our datacenters' cyber security systems, controls and processes that protect and defend Microsoft’s datacenter operational technologies (OT), industrial scenarios, and other mission critical infrastructures from cyber threats.
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
The Datacenter Cyber Defense and Industrial networking team is seeking a motivated, talented, and cyber security focused Senior Security Engineer to join our team! This role works collaboratively across a larger engineering team managing the structure, deliverables, timelines, and prioritization for designing, delivering, automating, securing, and providing operational support for critical industrial networking programs, services and projects in existing and future datacenters.
The cloud business is booming, which means datacenter activities and growth are booming! Our datacenters work 24 hours a day, 7 days a week, 365 days a year, so our programs and services must also be designed, built, and operated in a way that supports that growth and execution model. You will work within the Cloud Operations and Innovation engineering teams as well as partner across external teams handling datacenter engineering, support teams, design and build teams, and key decision makers across the CO+I division.
Partnering closely with the peer engineering organizations your role will be to design and deploy security solutions and manage them in a true DevOps fashion. You will be required to possess deep technical skills in Security and drive projects with heavy reliance on key partnerships with global datacenter operations teams and functions at varying levels of the business, teams responsible for the design and delivery of datacenters, Azure network engineering and architecture teams, and all groups affiliated with Microsoft Datacenters (Business & Property groups).
The candidate must possess strong written and verbal communication skills with an ability to speak and present effectively to all levels of business and be willing to jump into any situation to help provide design, support and troubleshoot issues in a 24x7x365 engineering environment. A successful candidate should be able to execute the following responsibilities:
Proactively identifies and investigates potential issues in security controls (e.g., cloud network, identity, high security). Leverages expertise and team members to address and drive down issues accordingly. Identifies and/or recognizes patterns and recommends potential mitigation strategies.
Identifies and raises opportunities for automation to improve efficiency and effectiveness. Creates automation as appropriate to drive greater efficiency with high value.
Installs, upgrades, and maintains security services on Azure Cloud as needed leveraging automation. Implements security policy and standards for the service. Escalates issues and recommends mitigations accordingly. Identifies gaps in security policy and administration and recommends mitigation strategies. Engages with other teams to drive consistency and awareness of security policies and standards.
Maintains standards for customer and partner experience. Responds appropriately to customer and partner issues and engages others as needed for resolution. Drives improvements. Identifies trends in customer and partner experience. Recommends improvements. Advocates for customer needs to drive optimal customer experience. Defines customer and partner requirements, anticipates needs, and measures quality of experience.
Analyzes key metrics and key performance indicators (KPIs) and other data sources (e.g., bugs, unhealthy data pipeline) and identifies trends in security issues and escalates appropriately. Recommends improvements and/or metrics to address gaps in measurement.
Participates in on-call DRI rotation to support security services. With minimal guidance, analyzes attempted or successful efforts to compromise systems security. Identifies potential next steps to resolve. Works with partner teams on recommendations to limit exposure. Implements appropriate response plans. Continues to develop ability to analyze independently and make recommendations. Influences others to take action.
Identifies potential issues with detection (e.g., false positives, noise). Engages others to escalate appropriately. Analyzes potential or actual intrusions identified as a result of monitoring activities. Creates detections based on available data (e.g., Indicators of Compromise [IOC] and Tools Tactics Procedures [TTP]). Continues to drive automation of detection and response. Identifies potential threats based on external trends and recommends prioritization for defense-building capabilities.
3+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
2+ years of experience with PowerShell/Scripting, Azure Services to automate day to day activities.
Strong background of Cloud based IAM (Identity Access Management) or cloud based security tools for Secrets management or in Firewalls/Intrusion detection/prevention systems
Preferred or Additional Qualifications:
CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, PCCSE, PCNSE, PCSAE, CCNP Security, CCIE Security and/or Security+ certification.
Any experience with industrial control systems is preferred (not mandatory)
1+ years of experience in compliance assessments with internal or external audit teams.
Experience in networking, network security, infrastructure platforms including both on-prem and in the cloud with hands on network infrastructure / security configuration experience.
1+ years of experience on Secrets Management software like Thycotic or authentication systems like ISE/RSA
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form (https://careers.microsoft.com/us/en/accommodationrequest) .
Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.