Sr SOC Automation Engineering Lead

Redmond, Washington, United States

Microsoft

Explore Microsoft products and services for your home or business. Shop Microsoft 365, Copilot, Teams, Xbox, Windows, Azure, Surface and more.


Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end-to-end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

 

Cyber Defense Operations is an organization led by Microsoft’s Chief Information Security Officer and enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework.  In support of this mission, we are looking for a Senior SOC Automation Engineering Lead who will work on installation, maintenance, support and optimization of all security-related components the team is responsible for.  You will work with other teams to ensure platform hardening, security maintenance, and vulnerability remediation procedures are followed. Do you love the excitement and learning opportunity to study, analyze and deal with the complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you.

 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities

  • You will guide teams on customer and partner experience expectations and support efforts to improve this experience. You’ll also direct your team to identify security issue trends and patterns by analyzing key metrics.
  • Build automation solutions to increase the efficiency and effectiveness of the analysts in the Security Operations Center (SOC).
  • You will lead the team on continuous research to identify potential threats and develop automated response actions and data enrichments to strengthen our cloud defenses.
  • You will automate data handling, security asks and automated responses to increase SOC efficiency using scripts, Logic Apps, Python and various Azure-based tools.
  • Collaborate with detection engineering teams across the company to drive innovation and continuous improvement.
  • Technical Insight: Provides technical insight on incident analysis and management, threat mitigation, forensics, malware analysis, and automation.
  • KRA and KPI Management: Ensures strong Key Result Areas (KRA) and Key Performance Indicators (KPI) management.

Qualifications

Required/Minimum Qualifications

  • 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), and information technology (IT) operations

    •  OR Master's Degree in Statistics, Mathematics, Computer Science or related field.

  • 4+ years of work experience in cybersecurity or engineering automation.
  • 2+ years of people management or team lead experience.

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

 

Additional or Preferred Qualifications

  • 7+ years of experience in software development lifecycle, large scale computing, modeling, cyber security, and anomaly detection

    • OR Doctorate in Statistics, Mathematics, Computer Science or related field.

  • 1+ years leading a security function (e.g., Security Operations Center [SOC], threat and vulnerability management [TVM]) OR 3+ years of experience in SOC in any capacity.
  • Good knowledge of networks and network protocols, such as TCP/IP, DNS, and ARP.
  • Experience with workflow management and automation systems like Azure Logic Apps, Power Automate, etc. (Or competitive equivalents and willing to learn!)
  • Understanding of various attack methods, vulnerabilities, exploits, malware.
  • Knowledge of Azure Sentinel is an added advantage.
  • Deep understanding of Windows internals.

 

Security Operations Engineering M4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:  https://careers.microsoft.com/us/en/us-corporate-pay


Microsoft will accept applications for the role until February 28, 2025.

 

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

 

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

 

#MicrosoftSecurityJobs #securityjobs #infosec #MSFTSecurity #CISOrg 

 

#MSFTNSBE25


Tags: Azure Computer Science Engineering Mathematics Python Research Security Statistics

Perks/benefits: Career development Competitive pay Medical leave

Region: North America
Country: United States
