Azure Security Incident Response Engineer
Bucharest, Bucharest, Romania
1 day ago

As a Security Incident Response Support Engineer, you will be an elite member of a customer-facing security support team leading incident response investigations for Microsoft’s enterprise customers.

You have experience in analyzing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents.

You are familiar with collecting and analyzing security incident related data to identify indicators of attack and compromise.

You have a passion for learning new technologies, collaborating with other experts to find solutions, having complete customer obsession, continuously optimizing and improving the customer support experience, and having fun.

You enjoy working on challenging issues that require in-depth investigation, excellent communication, and complete ownership to drive issues to resolution.

You obsess over small details to make sure that each customer interaction not only drives issues to resolution, but also ensures that customers are effectively using Microsoft technologies to further the success of their business.

Beyond extensive technical focus, this role requires the ability to communicate issues and recommendations clearly and concisely and build broad relationships with influencers to impact key business results.

You understand incident response best practices and use this understanding to influence key decision makers.


  • Scope customer security incidents
  • Understand and identify indicators of attack and indicators of compromise
  • Analyze incident data from different threat analytics tools
  • Communicate recommendations and guidance based on results of security incident analysis to the customer
  • Coordinate a response to the security incident with other Microsoft security and consulting teams
  • Develop, document, and implement runbooks, capabilities, and techniques for IR
  • Perform security triage and analysis on endpoint, server and network infrastructure
  • Collaborate with the security intelligence team by providing samples of malware from the customer’s environment
  • Perform activities necessary for immediate containment and short-term resolution of incidents
  • Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities
Soft Skills

  • Experience supporting large and complex geographically distributed enterprise environments with 1000+ users
  • Demonstrated passion for learning new technologies
  • Strong collaborative skills and extensive cross-group coordination skills
  • Excellent documentation skills and ability to translate complex technical processes into simple to follow written guides
  • Previous experience working in a large, complex, highly matrixed global organization is preferred
  • Ability to work in a high pace environment with many competing priorities and randomization
Technical Skills

  • Demonstrated experience in Network Security Administration, and / or Systems Administration with experience in Windows Server, Windows Client, and Active Directory Administration
  • Security Incident Response experience with recent operational security experience (SOC, Malware Analysis, IDS / IPS Analysis, threat analytics, Windows Server, and endpoint security, etc.)
  • Knowledge and hands-on experience working with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments
  • Automation (PowerShell and / or Python, Java, or a similar language, can be a beginner to intermediate level).
  • Experience in Linux and / or Mac administration is preferred
  • Ability to meet Microsoft, customer and / or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter.
