Incident Response Engineer - CIRT
Description For Incident Response Engineer - CIRT
Microsoft's Customer Experience & Success (CE&S) organization, with over 17,000 employees worldwide, is seeking a Senior Incident Response Engineer for their Customer Service & Support (CSS) team. This role is part of an elite customer-facing security support team leading incident response investigations for Microsoft's enterprise customers. The position offers a flexible work arrangement with up to 100% remote work capability.
The ideal candidate will be responsible for analyzing, triaging, scoping, and containing security incidents while providing remediation guidance and determining root causes. They will work with Microsoft's AI technology to help customers resolve issues quickly and securely. The role requires expertise in collecting and analyzing security incident data to identify attack patterns and compromise indicators.
This is an excellent opportunity for security professionals looking to accelerate their career growth while working with enterprise-level security tools and systems. The position combines technical expertise with customer service, requiring both strong incident response skills and the ability to communicate effectively with clients.
Key technologies include Microsoft Defender solutions, Entra ID, Microsoft 365, Azure Identity management, and various cloud security tools. The role involves working with PowerShell/Python automation and requires knowledge of Kusto Query Language. The position offers comprehensive benefits including industry-leading healthcare, educational resources, and generous time-off policies.
Join Microsoft's mission to empower every person and organization on the planet to achieve more, while working in a culture that values growth mindset, innovation, and collaboration. This role offers the unique opportunity to impact enterprise security at a global scale while maintaining work-life balance through flexible working arrangements.
Responsibilities For Incident Response Engineer - CIRT
- Scope customer security incidents
- Identify indicators of attack and compromise
- Analyse incident data from threat analytics tools
- Collaborate with Security and Threat Intelligence teams
- Coordinate security incident response
- Develop and implement incident response runbooks
- Perform security triage and analysis
- Investigate root cause of complex security incidents
- Maintain knowledge of threat landscape
- Participate in on-call rotation
Requirements For Incident Response Engineer - CIRT
- Bachelor's degree in Computer Science, IT, or related field AND 5+ years technical experience
- 2+ years Security Incident Response experience
- 2+ years Cloud investigations experience with Entra ID, Microsoft 365 and Microsoft Defender
- 2 years customer facing experience
- Experience supporting enterprise environments with 1000+ users
- Network Security Administration experience
- Experience in Azure Identity management
- Kusto Query Language knowledge
- Cloud experience with major providers
- Automation skills (PowerShell and/or Python)
- Ability to meet security screening requirements
Benefits For Incident Response Engineer - CIRT
- Industry leading healthcare
- Educational resources
- Discounts on products and services
- Savings and investments
- Maternity and paternity leave
- Generous time away
- Giving programs
- Opportunities to network and connect
Jobs Related To Microsoft Incident Response Engineer - CIRT
