|Job Type:||Full Time|
Are you interested in discovering and tracking emerging threats, and using that information to deliver detection to Microsoft and its customers? Do you want to be part of the team that provides security analysis services for products such as Office 365's Advanced Threat Protection? Do you like reversing malwares? We’ll give you malware to analyze. Love coding? There’s plenty to write. Are you a data buff? Then this place is for you! Come join us at Microsoft Threat Intelligence Center (MSTIC) in C&AI Security!
Microsoft Threat Intelligence Center (MSTIC) is looking for an experienced Security Engineer to join the Microsoft Global Research and Response Team. MSTIC is focused on countering adversary-based threats to Microsoft and its customers through production and dissemination of threat intelligence, proactive hunting and incident response, and the development of new tools and approaches to detect adversary activity. The team focuses on tracking emerging email borne threats (malware/phishing), writing detections, hunting for targeted threats/campaign and generating premium threat intelligence content.
- Analyze email messages to identify Phish/Spam/Malware content and come up with strategies to address them
- Analyze large datasets to identify Phish/Malware trends;
- Provide in-depth / FP / FN analysis for Office 365 Advanced Threat Protection service;
- Implement rich security analysis and production quality detection capabilities (Heuristics and Machine Learning) in the cloud;
- Respond to escalations from partner, engineering, sales & marketing teams
- Respond to incidents and alerts as they are detected, and take appropriate actions to protect the environment
- Hunt for targeted attacks, 0’day exploits and new threats targeting Microsoft and customers;
- Generate quality technical reports/blog content on the research, trending threats and their detections
- BS in Computer Science or Computer Engineering, or at least 5 years of comparable industry experience;
- 3+ years of experience in Malware Analysis, Reverse Engineering and various sandbox technologies
- 3+ years of experience in analyzing and responding to email borne threats
- 3+ years of experience in writing system and network based signatures (Regular Expressions, Yara, ClamAV, Snort)
- Experience in programming (C/C++/C# or Python) and building automations.
- Experience in ML and AI methodologies (e.g. Supervised/unsupervised learning, deep networks, natural language processing) and ML development tools (e.g. Tensorflow, Scikit-Learn).
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.