Microsoft’s CDG Security (COSINE, Devices and Gaming) is part of the Cloud and AI (C+AI) engineering group and is responsible for some of Microsoft’s largest and most important online services, including Xbox LIVE, Microsoft Game Studios, and more. We are looking for a credible Service Engineer who will help us drive CDG’s Online Services Threat and Vulnerability Management (TVM) Program and collaborate with the Security Assurance, Red and Blue Teams. You should be ambitious and have experience solving complex problems. It’s an exciting time to join and have the chance to create and deploy state-of-the-art technology in a manner that ensures it’s the best product possible for Microsoft and our customers. In this role, you will drive the risk assessment of multiple operational environments, perform technical reviews of systems, analyse security issues, and identify long-term solutions to balance risk and business requirements. You will establish a toolset, methodology, and a rhythm of vulnerability testing to evaluate resources in a rapidly changing global environment.
Day-to-day responsibilities include:
Triage, investigate and advise on threats related to SSIRPs, CVEs and Security Advisories issued by Microsoft and 3rd Party Companies
Help automate and troubleshoot the TVM infrastructure
Help onboard new TVM properties on Azure, Autopilot and discrete environments
Partner with Engineering teams, Program Management and Operations personnel within the CDG Online Services community to suggest and implement security improvements to processes and technologies
As a senior member of the team, you should be able to bring the team along with you in critical scenarios, mentor the new folks, and act as a technical leader / mentor.
Although this is not an incident response position, we are a service delivery team. From time to time, you may be required to participate in emergency or after-hours activities.
You should have:
BS or MS in computer science, a related field, or equivalent experience
5+ years of experience troubleshooting network, Active Directory and operating systems and in operational security
Knowledge of threat vulnerability assessment tools (Qualys, Nessus, etc.) is a huge plus
Experience in investigating zero-day exploits and providing workarounds until the patch is released
Experience working with SQL databases, ability to write and interpret complex SQL queries, Cosmos experience and PowerShell scripting knowledge are desired
Coding experience with C++, C# is an added advantage
Confirmed verbal and written communication skills
Shown partnership and cross group collaboration skills
Ability to manage key stakeholders in crisis situations and provide technical guidance
Ability to deal with ambiguity
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.