Senior Security Operations Engineer - CTJ - POLY Security Clearance
Job in Reston, Fairfax County, Virginia, 20190, USA
Listed on 2026-03-01
Listing for: Microsoft Corporation
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, Network Security, Security Manager, IT Consultant
Job Description & How to Apply Below
Overview
The Sovereign Security Foundation Team is looking for an individual who can be a technical leader within the security engineering team. We are looking for a Senior Security Operations Engineer who will help build and run the next generation of security services and tools for the organization. The Sovereign Security Foundation Team is part of the larger Azure Silver Team and is responsible for raising the security standard across the Silver Team's infrastructure and application services, which are delivered to internal users in a secure environment.
The Sovereign Security Foundation Team will focus on Service 360, Sentinel, Splunk, and correlating data with internal Azure teams. The ideal candidate will have proficient technical and organizational experience, a passion for customer service, and the ability to quickly troubleshoot and resolve issues. The candidate must be self-motivated and able to prioritize work quickly and appropriately in an ambiguous environment.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Responsibilities
* Assists internal teams and customers by identifying and recognizing data and patterns that may indicate potential security issues.
* Raises identified security concerns with senior members of the team to discuss mitigation strategy proposals.
* Analyzes dynamic datasets to help internal customers maintain an accurate view of owned assets.
* Identifies and raises opportunities for automation to improve efficiency and effectiveness. Creates automation as appropriate to drive greater efficiency with high value.
* Using guidance and key operating procedures, analyzes specific aspects of attempted or successful efforts to compromise systems security.
* Escalates findings as appropriate within agreed response times. Develops the ability to analyze independently and make recommendations.
* Identifies potential issues with detection (e.g., false positives, noise).
* Engages others to escalate appropriately. Creates detections based on available data (e.g., Indicators of Compromise [IOC] and Tactics, Techniques, and Procedures [TTP]).
* Continues to drive automation of detection and response.
* Executes tactical processes across the kill chain. Distinguishes effective from ineffective tactics and reports accordingly to inform security posture.
* Maps tactics to the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) matrix and assesses when targets pass and fail against known techniques.
* Hunts for emerging threats using the tools and data provided, identifying and addressing risks to prevent exploitation.
* Communicates effectively (verbal and written) in a professional manner with technical and non-technical personnel.
* Works with internal and external parties as directed to push solutions to the environment to address specific threats.
* Owns and contributes to initiatives that drive continuous improvement to the Sovereign Security Foundation operations and services.
* Performs regular security monitoring to identify any possible intrusions.
* Maintains and creates system documentation.
* Has a deep understanding of system internals and/or hardening in Windows, Linux, or macOS operating systems.
* Keeps up to date on emerging vulnerability, response, mitigation, and threat landscape trends and uses this knowledge to drive proactive threat detection. Mentors and provides guidance to team members on detection and response best practices.
* Embodies our culture and values.
Qualifications
Required Qualifications:
* Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
* OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in the same areas
* OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in the same areas
* OR equivalent experience.
Other Requirements:
Security Clearance…
Position Requirements: 10+ years work experience