Principal Security Researcher
2 months ago
Overview
The mission of Microsoft Security Response Center (MSRC) is to enable Microsoft to build the most trusted devices and services, while keeping our company safe and our data protected. As part of the Microsoft Security organization, and a steward of Microsoft and our customer’s data, a core function of MSRC is ensuring the security of every aspect of the business. MSRC is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. As customer zero, we deploy and secure these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more
Do you want to join the Microsoft GHOST team as a Principal Security Researcher?
Do you have an interest in helping Microsoft’s clients defend themselves against targeted exploitation? Are you interested in being intimately involved in the latest, cutting edge developments in the security industry and having a direct impact on the security of all Microsoft customers? Do you want to be on the front lines of helping our customers go toe-to-toe against advanced adversaries? Are you interested in a fast-paced job full of new opportunities? If so, you might be a candidate for the Global Hunting, Oversight, and Strategic Triage team (GHOST).
We are looking for an experienced Principal Security Researcher with required analytical background to join our team to perform threat hunts, assist with investigations, develop threat intelligence, and to cultivate investigation best practices into Microsoft tooling and products. Researchers will support a global team to identify and catalog new attacker Tools, Techniques and Procedures (TTPs), victims, and deliver customer notifications to protect worldwide enterprise customers and empower customers to protect themselves via constantly improving Microsoft products.
We are looking to fill multiple roles across levels.
Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more.
Qualifications
Required Qualifications:
7+ years experience in large-scale computing, modeling, cybersecurity, and/or anomaly detectionOR Experience with threat hunting/ digital forensics/reverse engineering/incident response etc.OR Master's Degree in Statistics, Mathematics, Computer Science or related field
Other Requirements:
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.Preferred Qualifications:
Investigation/Cybersecurity/Digital Forensics/DFIR (Digital Forensic Incident Response) certifications (e.g. Certified Information Systems Security Professional (CISSP), SysAdmin, Audit, Network and Security (SANS), Global Information Assurance Certification (GIAC) etc.) Technical certifications based on domain (e.g., Azure, SharePoint)Experience with Active Directory and/or cloud identity Experience with sophisticated threat actor evidence including familiarity with typical Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and Tools, Techniques and Procedures (TTPs) Use of forensic analysis tools such as X-Ways Forensics®, WinHex®, Encase®, FTK®, etc. Microsoft Azure and/or Office365 platform knowledge and experience Experience with various forensic log artifacts found in Security Informationa and Event Management (SIEM) logs, web server logs, Antivirus (AV) logs, protection logs such as Host-based Intrusion Detection Systerm (HIDS) and Network Intrusion Detection System (NIDS) logs Familiarity with Microsoft Defender 365 security stack (for Endpoints, Identity, Cloud, etc), especially with Advanced Hunting query writing Understanding of Windows and Azure internals and where trace evidence can be found Knowledge of third-party cybersecurity solutions, especially Extended Detection and Response (EDR) and Security Information and Event Management (SIEM) solutions Experience working with consulting companies is a plus Linux and/or macOS forensic analysis and threat hunting skills
#GHOST #DSR #MSFTSecurity
Responsibilities
This role is part of a collaborative team, assisting our customers with:
Leading analysis of attacker activity in on-premises and cloud environments Identifying potential threats, allowing for proactive defence before an actual incident Notifying customers regarding imminent attacker activity Providing recommendations to improve customers’ cybersecurity posture going forward and performing threat intelligence knowledge transfer to prepare customers to defend against today’s threat landscape Building proof-of-concept and prototype threat hunting tools, automations, and new capabilities Driving product and tooling improvements by conveying learnings from threat hunting and incident response at scale to engineering partner teams Identifying, prioritizing, and targeting complex security issues that cause negative impact to customers. Creating and driving adoption of relevant mitigations and provide proactive guidanceCollaborating with others to synthesize research findings into recommendations for mitigating security issues and sharing them across teams. Driving change within the team based on the research findings.
If you are looking for a role that will allow you to use your knowledge and experience to strengthen the security posture of customers, you will have a bright future within our Microsoft’s Global Hunting Oversight and Strategic Triage team.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.Industry leading healthcareEducational resourcesDiscounts on products and servicesSavings and investmentsMaternity and paternity leaveGenerous time awayGiving programsOpportunities to network and connectWe have other current jobs related to this field that you can find below
-
Principal Research Officer
4 weeks ago
Canberra, Australia Department of the Senate Full timeParliamentary Executive Level 1 - $126,401 to $141,587 - Procedure Office The Principal Research Officer is responsible for major research and writing tasks supporting the work of the Parliamentary Joint Committee on Human Rights. This includes high-level legislative scrutiny, analysis and research, as well as preparing complex reports and briefs for...
-
Principal Research Officer
2 weeks ago
Canberra, Australia Department of the Senate Full timePEL 1 - $121,539 to $136,141 - Committee Office Principal Research Officers are responsible for major research and writing tasks for committee inquiries, including the preparation of briefing/background papers and, most importantly, the drafting of reports for consideration by committees. They are expected to take carriage of inquiries, assist with the...
-
Principal Research Officer
2 weeks ago
Canberra, ACT, Australia Department of the Senate Full timePEL 1- $121,539 to $136,14 Committee OfficePrincipal Research Officers are responsible for major research and writing tasks for committee inquiries, including the preparation of briefing/background papers and, most importantly, the drafting of reports for consideration by committees. They are expected to take carriage of inquiries, assist with the...
-
Security Vulnerability Researcher
2 weeks ago
Canberra, Australia Australian Federal Police (AFP) Full timeEMPLOYMENT TYPE - Ongoing Full time LOCATION - ACT; NSW; QLD; TAS; VIC; WA AFP BAND & SALARY - Band 06, $102,927.00 - $113,563.00 JOB REFERENCE NUMBER - 11469 This advertisement is to fill current vacancies and create a merit pool for future ongoing vacancies arising over the next 12 months. Did you know? The mission of the Australian Federal Police is...
-
Principal Security Advisor
2 weeks ago
Canberra, Australia Trustwave Full timeAbout Trustwave - $5k and 5 days' training / continued education allowance per year - Be a part of a collaborative and supportive team (you won’t feel alone!) - Career growth: receive mentoring, coaching, and support to progress your career - Flexible work arrangements Principal Security Advisor Everyone's voice matters here. We aren’t looking for...
-
Principal Security Advisor
3 weeks ago
Canberra, Australia Trustwave Full timeAbout Trustwave - ** $5k and 5 days' training / continued education allowance per year**: - ** Be a part of a collaborative and supportive team (you won’t feel alone!)**: - ** Career growth: receive mentoring, coaching, and support to progress your career**: - ** Flexible work arrangements** **Principal Security Advisor** Everyone's voice matters...
-
Principal Legal Advisor
2 weeks ago
Canberra, ACT, Australia Australian Government Full timeOngoing / Non-Ongoing Salary: $ to $ plus 15.4% superannuation Canberra, ACTEmployment OpportunityThe Independent National Security Legislation Monitor ('the Monitor) is a statutory office holder who leads a small team (the 'INSLM Office) to independently review the operation, effectiveness and implications of Australias national security and...
-
Principal Legal Advisor
2 weeks ago
Canberra, ACT, Australia Acendre Full timePrincipal Legal Advisor - Executive Level 2 Employment Opportunity The Independent National Security Legislation Monitor (`the Monitor) is a statutory office holder who leads a small team (the `INSLM Office) to independently review the operation, effectiveness and implications of Australias national security and counter-terrorism laws in accordance with the...
-
Principal Legal Officer
3 weeks ago
Canberra, Australia HAYS Full timeAn experienced Principal Legal Officer required to manage a high-profile litigation caseload **Your new company** This department is responsible for strategic coordination and policy development for immigration, citizenship, counterterrorism and border security. In the Legal Group, this branch is responsible for all legal policy, legislation and litigation...
-
Principal Legal Advisor
3 weeks ago
Canberra, Australia Australian Government Full timeOngoing / Non-Ongoing - Salary: $139 657 to $159 067 plus 15.4% superannuation - Canberra, ACT **Employment Opportunity** The Independent National Security Legislation Monitor ('the Monitor) is a statutory office holder who leads a small team (the 'INSLM Office) to independently review the operation, effectiveness and implications of Australias national...
-
Cyber Security Lead
4 weeks ago
Canberra, Australia CYOS Solutions Full time**Application closing date**: Thursday, 21 March 2024 - 11:59pm, Canberra time (or once all sellers have responded) (in Canberra) **Estimated start date**: Monday, 15 April 2024 **Location of work**: ACT **Length of contract**: 12 months **Contract extensions**: 2 x 12 months **Security clearance**: Must have Negative Vetting Level 1 **Rates**: $130 -...
-
Cyber Security Bundle Lead
4 weeks ago
Canberra, Australia Etainsolutions Full timeOpen to**:Holders of NV1** Location**:Canbera** We are seeking a Cyber Security Bundle lead to support the ICT Sourcing Program. In this role, you will be: - Ensuring that the requirements identified in any sourcing transaction align with the department's ICT and Cyber Security strategy and direction. - leading and leveraging a team of technical,...
-
Cyber Security Bundle Lead
4 weeks ago
Canberra, Australia Peoplebank Full timeLocation: - Canberra- Job Type: - Contract- Posted: - about 5 hours ago- Contact: - Maria Lastierre- Discipline: - Security / Cyber Security - Reference: - 261225Our Federal Government Client is seeking a **Cyber Security Bundle Lead **to contribute to the Client's future Cyber Security approach, ensuring that the requirements identified in any sourcing...
-
Cyber Security Bundle Lead
4 weeks ago
Canberra, Australia Online 89 Full timeRole located in ACT Estimated start date 15/4/2024 Initial contract 12 months 2 x 12 month extension options available This is a Canberra based role requiring the successful cnadidate to be on site 3 days per week A Cyber Security Bundle Lead is required to contribute to this Department’s future Cyber Security approach, ensuring that the requirements...
-
Cyber Security Bundle Lead
4 weeks ago
Canberra, Australia Infinite Consulting Full timeThe Cyber Security Bundle Lead will contribute to the Department’s future Cyber Security approach, ensuring that the requirements identified in any sourcing transaction align with the Departments ICT and Cyber Security strategy and direction. Lead a leveraged team of technical, commercial, and service delivery specialists, including the Cyber Security...
-
Researcher
4 weeks ago
Canberra, Australia Australian National University Full time551406 - Canberra / ACT, ACT, Australia, 2601 - Fixed Term - Closing on: Jun 20 2023 - Position Description **Classification**:Academic Level A/B **Salary package**:$78,940 - $121,857 per annum plus 17% superannuation **Term**: Full time, Fixed Term (Up to 1 Year) The School of Cybernetics seeks a committed thinker-and-doer with deep-seated curiosity who...
-
User Researcher
2 weeks ago
Canberra, ACT, Australia Recruitment Sorted Full timeLocation: ACT, NSW, Offsite Security Clearance: Must be able to obtain BaselineApplications Close: 9am Thursday 16 March 2023The Digital Transformation Agency is hiring User Researchers for its Digital Sourcing branch to help build a better and marketplace experience.The User Researchers will collaborate with other researchers to conduct studies that help...
-
Researcher
2 weeks ago
Canberra, Australia The Department of Parliamentary Services Full time**Researcher**: **Job Details**: **Job Title**: Researcher **Employment Type**:Ongoing **Classification**: Parliamentary Service Level 6 **Closing Date**: 11:30pm AEDT, 29 February 2024 **The Opportunity**: The Department of Parliamentary Services (DPS) is recruiting a PSL6 Researcher with legal qualifications for the Law and Bills Digest Section (LBD),...
-
Cyber Security Bundle Lead
2 weeks ago
Canberra, ACT, Australia Kirra Services Full timeMust have Negative Vetting Level 1 Security clearance. The core functions to be performed by the Cyber Security Bundle Lead include, but are not limited, to the following: Work closely with the Sourcing Lead and the Program Office Lead in defining, scoping and managing the delivery of assigned outcomes. Work closely with the EL2 Director in ensuring...
-
Cyber Security Lead
2 weeks ago
Canberra, ACT, Australia CYOS Solutions Full timeApplication closing date: Thursday, 21 March :59pm, Canberra time (or once all sellers have responded) (in Canberra)Estimated start date: Monday, 15 April 2024Location of work:ACTLength of contract: 12 monthsContract extensions: 2 x 12 monthsSecurity clearance: Must have Negative Vetting Level 1Rates: $130 - $160 per hour (inc. super)To support the ICT...
