Incident Response Engineer - CIRT
Description For Incident Response Engineer - CIRT
Microsoft's Customer Experience & Success (CE&S) organization, with over 17,000 employees worldwide, is seeking a Senior Incident Response Engineer for their Customer Service & Support (CSS) team. This role is part of an elite customer-facing security support team leading incident response investigations for Microsoft's enterprise customers.
The position involves analyzing, triaging, scoping, containing, and providing guidance for remediation of security incidents. You'll work with cutting-edge security tools and Microsoft's AI technology to help protect customers and resolve complex security challenges. The role requires deep expertise in cloud security, particularly with Microsoft's ecosystem including Entra ID, Microsoft 365, and Defender solutions.
As a Senior Incident Response Engineer, you'll be at the forefront of cybersecurity, working with enterprise-level customers to investigate and respond to security threats. The role offers significant growth opportunities in both technical and customer-facing skills, with exposure to the latest security threats and defensive technologies.
The position offers excellent work-life balance with up to 100% work-from-home flexibility and only 0-25% travel requirements. You'll be part of Microsoft's mission to empower every person and organization on the planet to achieve more, working in a culture that values growth mindset, innovation, and collaboration.
This is an ideal role for security professionals who want to combine technical expertise with customer interaction, offering the opportunity to work on complex security challenges while developing consulting and leadership skills. The position comes with Microsoft's comprehensive benefits package and the opportunity to work with some of the best minds in cybersecurity.
Responsibilities For Incident Response Engineer - CIRT
- Scope customer security incidents
- Analyze incident data from threat analytics tools
- Coordinate response to security incidents with other Microsoft security teams
- Develop and implement runbooks for Incident Response
- Perform security triage and analysis on endpoint, server and network infrastructure
- Investigate root cause of complex security incidents
- Participate in on-call rotation as required
Requirements For Incident Response Engineer - CIRT
- Bachelor's degree in Computer Science, IT or related field AND 5+ years experience OR 7+ years experience
- 2+ years Security Incident Response experience
- 2+ years Cloud investigations experience with Entra ID, Microsoft 365 and Microsoft Defender
- 2 years customer facing experience
- Experience with Windows Server, Windows Client, and Active Directory Administration
- Kusto Query Language knowledge
- Cloud experience with major cloud providers
- Automation skills in PowerShell and/or Python
- Experience supporting enterprise environments with 1000+ users
Benefits For Incident Response Engineer - CIRT
- Industry leading healthcare
- Educational resources
- Discounts on products and services
- Savings and investments
- Maternity and paternity leave
- Generous time away
- Giving programs
- Networking opportunities
Jobs Related To Microsoft Incident Response Engineer - CIRT
