Cyber Security Analyst

About the job

Digital Security & Resilience

The mission of Microsoft Digital is to power, protect, and transform Microsoft as the voice of our digital transition in the market. As part of Microsoft’s Cloud + AI Group, we are responsible for building, managing, and securing the platform, products, processes, and services that power Microsoft. We build, maintain, and implement a cloud-first approach to our technology and experiences, from custom-built business solutions developing our campus of the future and our productivity and collaboration experiences like Teams and SharePoint, to horizontal 3rd party solutions like SAP and Adobe. As a steward of Microsoft and our customers’ data, a core function of Microsoft Digital is ensuring the security of every aspect of the business. Microsoft Digital is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. Microsoft Digital’s charter is also to influence and work alongside engineers across the company and with strategic partners to build and grow their cloud products and services. As customer zero, we deploy these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more!

The Digital Security and Resilience (DSR) team is looking for Security Professionals to work on a highly collaborative, dynamic and high-impact security team. The Security Operations and Incident Response Team is looking for motivated and qualified individuals to perform outstanding work as a Cyber Security Analyst supporting the Microsoft corporate and specialized Government networks.

As a Cyber Security Analyst, you will have the opportunity through advanced security technologies and extensive automation to detect security threats, conduct detailed and comprehensive investigations, and drive issues to remediation and closure. You will have the opportunity to collaborate with teams across the company on technology and processes to improve automation, detection, response, and drive security efforts at the highest levels within the company. You will have the opportunity to contribute to developing innovative solutions for cyber defense that will protect the company and our global customers.


Key responsibilities:

  • Detect and respond to advanced threats, actor techniques, anomalous or suspicious activity to identify potential and active risks to systems and data.
  • Conduct detailed, comprehensive investigation and triage on a wide variety of security events and implement response and remediation efforts.
  • Drive prioritization of significant security events across the operations center and incident response teams.
  • Keep up to date on emerging vulnerability and threat trends. Collaborate with internal security partners to derive indications and warnings of impending threats, and use this knowledge to drive proactive threat monitoring.
  • Participate in creating innovative ways to use a wide range of security event data to advance detection methods and product capability.
  • Develop and maintain operational playbooks that guide the security operation’s day-to-day activities.
  • Participate in shifts, on call rotation, and after-hours responsibilities and escalations in a 24×7 environment.


Required Qualifications:

  • Bachelor’s degree in Computer Science or Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience.
  • 1+ years of hands-on experience in security operations or working with security logs to detect and resolve issues.
  • The successful candidate must be a U.S. Citizen.


Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:

  • Citizenship Verification: This position requires verification of US Citizenship to meet federal government security requirements.
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

    • Experience in analyzing a wide variety of network/host security logs to detect and resolve security issues.
    • Working knowledge/understanding of TCP/IP or OSI network protocol stack and major protocols (TCP, UDP, ICMP, HTTP, SMTP, etc.).
    • Working knowledge of security tools such as NIDS/NIPS, HIDS/HIPS, SIEM, SOAR, and security analysis tools.
    • Understanding of web and database technologies.
    • Able to participate in shifts, on call rotation, and 24×7 responsibilities and escalations.
    • Must have solid verbal and written communication skills; ability to communicate effectively to internal and external business partners as well as technical, and non-technical staff.
    • Demonstrated enthusiasm for learning new things and ability to pick up new ideas quickly.
    • Experience with Cloud Computing and technology.
    • Understanding of threat analysis models: Diamond Model, Cyber Kill Chain, and MITRE ATT&CK.
    • Understanding of system events and host level analysis of Windows, macOS, and Linux operating systems.
    • Background in malware analysis.
    • Experience with Python, Jupyter Notebooks, PowerShell, or R with RESTful APIs.
    • Experience working within a diverse organization to gain support for your ideas; seeks to leverage the work of others to increase effectiveness.
    • Ability to effectively multi-task and prioritize in a fast-paced environment.
    • Demonstrates maturity and leadership qualities when dealing with conflicting views and difficult conversations.
    • CISSP or related GIAC certifications.

    The ideal candidate will have experience in a team environment; experience in a Security Operations Center, Incident Response, or equivalent experience in enterprise-scale services and platforms; experience in development of security tools and automation to support security operations and hunting; and technical depth in a highly dynamic, complex environment.



    Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

    Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.


  • Computer Hardware
  • Computer Software
  • Information Technology & Services

Job Functions

  • Information Technology
