Senior Security Service Engineer

Last updated 2 days ago
Location:Redmond, Washington
Job Type:Full Time

Do you thrive when working as a first responder to information security events? Are you passionate about helping and protecting customers? Does the challenge of making a startup environment succeed pique your interest? The Microsoft Managed Desktop Security Operations team may be the place for you!

Microsoft Managed Desktop is a ground breaking, new service offering from Microsoft built on top of Microsoft 365 with our Windows, Office 365, Cloud management and security capabilities. At its core, Microsoft Managed Desktop helps generate an environment for creative and collaborative work, leverages modern always up to date devices, attracts and retains generational talent that will help IT focus on their overall digital transformation, and will allow organizations to stay current in a more simplistic and scalable manner.

The Security Operations team is responsible for maintaining the secure state of our Microsoft Managed Desktop devices around the world. Our primary role is to respond to event detections, such as malware alerts, with expert analysis and drive response activities when an event becomes a security incident. Work on this team isn’t just about fixing one system, but mitigating risks at scale across a service ecosystem.


Security Operations team members will:

  • Quickly and accurately respond to detected events affecting our managed customers
  • Lead analysis of event data to identify impact and assess the overall risk to a device, a customer environment, and/or the entire managed ecosystem
  • Drive the security incident response process, including customer-facing engagements and communications
  • Hunt for emerging threats using the tools and data that we have, identifying and addressing risks before they are exploited
  • Participate in a 24/7/365 on-call rotation, which can include working outside normal business hours in response activities



  • 7+ Years of Experience in the information security field, preferably in a response role with a focus on malware, event management and/or incident response
  • Hands-on expertise using Microsoft Defender and Microsoft Defender Advanced Threat Protection for Windows 10 clients
  • Prior experience working in a security operations center and familiarity with Microsoft's security response process is a plus
  • 4+ Years of Experience working with external customers
  • Knowledgeable about malware families, their capabilities, and other risks/techniques associated with host compromise
  • Strong understanding of common attacks (Software, Network, and People), ability to determine the risk they pose to an environment and experience mitigating their impact
  • Familiarity with device management via Microsoft Intune is highly desired
  • Excellent written and verbal English communication skills; a writing sample may be requested
  • S. or B.A. degree in Computer Science, Computer Engineering, Information Systems, or equivalent experience
  • CISSP certification preferred but not required, GCIH, GCED, or other SANS certifications are desirable

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.