Principal Security Researcher
4 months ago
Overview
The mission of Microsoft Security Response Center (MSRC) is to enable Microsoft to build the most trusted devices and services, while keeping our company safe and our data protected. As part of the Microsoft Security organization, and a steward of Microsoft and our customer’s data, a core function of MSRC is ensuring the security of every aspect of the business. MSRC is responsible for company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. As customer zero, we deploy and secure these services inside Microsoft and then share best practices with enterprise customers at scale across the globe. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more
Do you want to join the Microsoft GHOST team as a Principal Security Researcher?
Do you have an interest in helping Microsoft’s clients defend themselves against targeted exploitation? Are you interested in being intimately involved in the latest, cutting edge developments in the security industry and having a direct impact on the security of all Microsoft customers? Do you want to be on the front lines of helping our customers go toe-to-toe against advanced adversaries? Are you interested in a fast-paced job full of new opportunities? If so, you might be a candidate for the Global Hunting, Oversight, and Strategic Triage team (GHOST).
We are looking for an experienced Principal Security Researcher with required analytical background to join our team to perform threat hunts, assist with investigations, develop threat intelligence, and to cultivate investigation best practices into Microsoft tooling and products. Researchers will support a global team to identify and catalog new attacker Tools, Techniques and Procedures (TTPs), victims, and deliver customer notifications to protect worldwide enterprise customers and empower customers to protect themselves via constantly improving Microsoft products.
We are looking to fill multiple roles across levels.
Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more.
Qualifications
Required Qualifications:
7+ years experience in large-scale computing, modeling, cybersecurity, and/or anomaly detectionOR Experience with threat hunting/ digital forensics/reverse engineering/incident response etc.OR Master's Degree in Statistics, Mathematics, Computer Science or related field
Other Requirements:
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.Preferred Qualifications:
Investigation/Cybersecurity/Digital Forensics/DFIR (Digital Forensic Incident Response) certifications (e.g. Certified Information Systems Security Professional (CISSP), SysAdmin, Audit, Network and Security (SANS), Global Information Assurance Certification (GIAC) etc.) Technical certifications based on domain (e.g., Azure, SharePoint)Experience with Active Directory and/or cloud identity Experience with sophisticated threat actor evidence including familiarity with typical Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and Tools, Techniques and Procedures (TTPs) Use of forensic analysis tools such as X-Ways Forensics®, WinHex®, Encase®, FTK®, etc. Microsoft Azure and/or Office365 platform knowledge and experience Experience with various forensic log artifacts found in Security Informationa and Event Management (SIEM) logs, web server logs, Antivirus (AV) logs, protection logs such as Host-based Intrusion Detection Systerm (HIDS) and Network Intrusion Detection System (NIDS) logs Familiarity with Microsoft Defender 365 security stack (for Endpoints, Identity, Cloud, etc), especially with Advanced Hunting query writing Understanding of Windows and Azure internals and where trace evidence can be found Knowledge of third-party cybersecurity solutions, especially Extended Detection and Response (EDR) and Security Information and Event Management (SIEM) solutions Experience working with consulting companies is a plus Linux and/or macOS forensic analysis and threat hunting skills
#GHOST #DSR #MSFTSecurity
Responsibilities
This role is part of a collaborative team, assisting our customers with:
Leading analysis of attacker activity in on-premises and cloud environments Identifying potential threats, allowing for proactive defence before an actual incident Notifying customers regarding imminent attacker activity Providing recommendations to improve customers’ cybersecurity posture going forward and performing threat intelligence knowledge transfer to prepare customers to defend against today’s threat landscape Building proof-of-concept and prototype threat hunting tools, automations, and new capabilities Driving product and tooling improvements by conveying learnings from threat hunting and incident response at scale to engineering partner teams Identifying, prioritizing, and targeting complex security issues that cause negative impact to customers. Creating and driving adoption of relevant mitigations and provide proactive guidanceCollaborating with others to synthesize research findings into recommendations for mitigating security issues and sharing them across teams. Driving change within the team based on the research findings.
If you are looking for a role that will allow you to use your knowledge and experience to strengthen the security posture of customers, you will have a bright future within our Microsoft’s Global Hunting Oversight and Strategic Triage team.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.Industry leading healthcareEducational resourcesDiscounts on products and servicesSavings and investmentsMaternity and paternity leaveGenerous time awayGiving programsOpportunities to network and connect-
Principal Advisor, Research
3 months ago
Sydney, Australia Centre for Evidence and Implementation Full timeAbout the role - Are you an expert in research, evaluation and implementation science? Are you passionate about pioneering new models of evaluation and creating lasting and effective social change? Are you interested in joining a diverse, global team that values its people, nurtures professional growth and emphasizes collaboration? If so, the CEI team would...
-
Principal Security Advisor
3 months ago
Sydney, Australia Vero Insurance Full timeJobs - Job Details - Principal Security Advisor Careers at Suncorp Take the next step. Be part of something bigger at Suncorp. Principal Security Advisor Job No: 672284 Sydney - Inner Suburbs & CBD, Brisbane - Inner Suburbs & CBD, Various Max Term Full Time IT Pay Band 6 We’re never just satisfied with how things are – because we know how things...
-
Principal Intel Security Advisor
4 months ago
Sydney, Australia Vero Insurance Full timeJobs - Job Details - Principal Intel Security Advisor Careers at Suncorp Take the next step. Be part of something bigger at Suncorp. Principal Intel Security Advisor Job No: 671679 Sydney - Inner Suburbs & CBD, Brisbane - Inner Suburbs & CBD, Melbourne - Inner Suburbs & CBD Permanent Full Time IT Pay Band 6 Provide Cyber Security intelligence to the...
-
Cyber Security Researcher
2 weeks ago
Sydney, New South Wales, Australia CommBank Full timeJob SummaryWe are seeking a highly skilled Cyber Security Researcher to join our Red Team at CommBank. As a key member of our team, you will be responsible for performing self-directed long- and short-term Red Team operations against the Group, targeting weaknesses in People, Processes, and Technology.About the RoleThe successful candidate will have a strong...
-
Cyber Security Researcher
1 week ago
Sydney, New South Wales, Australia CommBank Full time{"Job SummaryWe are seeking a highly skilled Red Team Cyber Security Expert to join our team at CommBank. As a key member of our Cyber Defence Operations department, you will be responsible for performing Red Team operations against the Group, targeting weaknesses in People, Processes, and Technology.Key Responsibilities* Perform self-directed long- and...
-
Information Security Principal Consultant
4 months ago
Sydney, Australia Westpac Group Full time**How will I help?** Westpac’s Detection and Response team sits within our Information Security Group and is responsible for monitoring and detecting cyber threats. We analyse and respond to attacks from adversaries targeting the Westpac Group or its customers. We are looking for an Information Security Principal Consultant to join the Security...
-
Principal Engineer
1 day ago
Sydney, New South Wales, Australia Westpac Full timeJob Title: Principal Engineer - Identity and Security ExpertWe are seeking an experienced Principal Engineer to join our team at Westpac, where you will play a key role in shaping the future of our Open Banking Program. As a Principal Engineer, you will be responsible for leading the design and development of our identity and security solutions, ensuring...
-
Principal Engineer
2 days ago
Sydney, New South Wales, Australia Westpac Full timeJob Title: Principal Engineer - Identity and Security ExpertWe are seeking an experienced Principal Engineer to join our team as an Identity and Security Expert. As a key member of our Open Banking Program, you will be responsible for designing and implementing secure identity and access management solutions.Key Responsibilities:Develop and maintain...
-
Principal Security Architect
7 days ago
Sydney, New South Wales, Australia Immutable Full timeAbout the RoleThis is a Principal Security Engineer position at Immutable, a global technology company powering the world of NFTs on Ethereum. We are on a mission to be the number one ecosystem for NFTs, empowering and rewarding users. As a key member of our security team, you will play a critical role in ensuring the organisation has the knowledge, tools,...
-
Principal Architect
4 months ago
North Sydney, Australia TPG Telecom Full timeWe’ve only just begun, but what a beginning. In a once in a generation moment, we’ve brought together powerful brands to create one united force. TPG Telecom has a powerhouse of brands which include Vodafone, TPG, iiNet, Internode, Lebara, AAPT and felix. The latest technology and brave thinking let us connect our people and communities. You could play...
-
Offensive Cyber Security Researcher
2 days ago
Sydney, New South Wales, Australia CommBank Full timeJob Title: Offensive Cyber Security ResearcherJoin CommBank's Cyber Defence Operations department as an Offensive Cyber Security Researcher and contribute to the bank's innovative technology solutions. As a member of the Red Team, you will perform all CBA's red teaming requirements, including oversight of external red teaming regulatory requirements.About...
-
Principal Architect
4 months ago
North Sydney, Australia TPG Telecom Full timeWe’ve only just begun, but what a beginning. In a once in a generation moment, we’ve brought together powerful brands to create one united force. TPG Telecom has a powerhouse of brands which include Vodafone, TPG, iiNet, Internode, Lebara, AAPT and felix. The latest technology and brave thinking let us connect our people and communities. You could play...
-
Principal Technical Product Manager
3 months ago
Sydney, Australia Atlassian Full timeOverview: **Working at Atlassian** Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually,...
-
Principal Engineer
3 days ago
Sydney, New South Wales, Australia Westpac Group Full timeJob Title: Principal Engineer - Identity and Security ExpertWe are seeking an experienced Principal Engineer to join our team at Westpac Group. As a key member of our Open Banking Program, you will be responsible for designing and developing secure and scalable identity and security solutions.Key Responsibilities:Develop and maintain integration strategy,...
-
Principal Security Solutions Architect
2 weeks ago
North Sydney Council, Australia TPG Telecom Full timeAbout the RoleWe are seeking a highly skilled and experienced Principal Security Solutions Architect to join our team at TPG Telecom. As a key member of our security team, you will play a pivotal role in ensuring the security of our systems and services.Key ResponsibilitiesCustomer-Centric Security: Design and implement top-notch secure customer security...
-
Assistant Security Manager
3 months ago
Sydney, Australia Certis Security Australia Full timeCertis Security Australia is one of Australia’s leading security service provider with over 3,000 employees nationwide, providing our clients with industry leading security services with our state-of-the-art technology and highly qualified staff. As part of the Certis Group, SNP Security and BRI Security deliver integrated security solutions including...
-
Principal Engineer
2 weeks ago
Sydney, New South Wales, Australia Westpac Full timeAbout the RoleWe are seeking a highly skilled Principal Engineer to join our Westpac Open Banking Program. As a key member of our team, you will play a critical role in developing and maintaining Open Banking and Digital Identity applications, as well as leading end-to-end integration aspects of solution architecture and designs across multiple...
-
Principal Consultant, Proactive Security
4 months ago
Sydney, Australia Palo Alto Networks Full time**Company Description** Our Mission** At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are...
-
Cyber Security Lead
5 months ago
Sydney, Australia Charterhouse Full time**Responsibilities**- The core functions to be performed by the Cyber Security Bundle Lead include, but are not limited, to the following:- Work closely with the Sourcing Lead and the Program Office Lead in defining, scoping and managing the delivery of assigned outcomes.- - Works with the Cyber and Protective Security Branch to identify and document ICT and...
-
Equity Research Analyst
3 months ago
Sydney, Australia MFS Investment Management Full timeAt MFS, you will find a culture that supports you in doing what you do best. Our employees work together to reach better outcomes, favoring the strongest idea over the strongest individual. We put people first and demonstrate care and compassion for our community and each other. Because what we do matters - to us as valued professionals and to the millions...
