Senior Threat Intelligence Analyst

About The Position

Requirements

• Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
• OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
• OR equivalent experience.
• Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience.
• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
• Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
• This role will require access to information that is controlled for export under export control regulations, potentially under the U.S. International Traffic in Arms Regulations or Export Administration Regulations, the EU Dual Use Regulation, and/or other export control regulations. As a condition of employment, the successful candidate will be required to provide either proof of their country of citizenship or proof of their U.S. permanent residency or other protected status (e.g., under 8 U.S.C. 1324b(a)(3)) for assessment of eligibility to access the export controlled information. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport. Lawful permanent residents, refugees, and asylees may verify status using other documents, where applicable.

Nice To Haves

• 5+ years technical knowledge of adversary capabilities and techniques that can be applied to define, develop, and implement techniques both to discover the adversaries of today and identify the attacks of tomorrow.
• 5+ years experience tracking APT adversaries leveraging to identify and characterize various TTPs, capabilities, and operational campaigns. In depth experience producing actionable threat intelligence on targeted and advanced persistent adversaries and domain/supply chain assessments. Applied knowledge across all critical elements and common data types used in threat intelligence analysis, including malware used in targeted adversary campaigns; host and log forensics, including methods of data collection and analytic techniques; and network forensics, including common protocols and how those are used in adversary operations. Applied knowledge of a variety of adversary command and control methods and protocols.
• 5+ years experience supporting incident response and being deeply familiar with common incident response procedures, processes, and tools.
• 5+ years experience working across crosfunctional teams including threat hunters, incident responders, and customer delivery representatives.
• 4+ years experience Proven track record of working across cross-functional teams including threat hunters, incident responders, and customer delivery representativesCloud Hunting experience.
• 4+ years experience in China, Russia, or Iran threat actors.

Responsibilities

• As a Senior Threat Intelligence Analyst, you will use your knowledge of adversary intentions and capabilities to identify critical supplier services likely to be targeted by threat actors and secure these portions of Microsoft’s supply chain.
• You will also use your knowledge of the various threat actor sets to ensure Microsoft’s supply chain is protected from intentionally compromised products and services.
• You will define, develop, and implement techniques to discover and track current and future threat actor targeting of suppliers.
• Discover threat actor trends and map these findings to Microsoft’s vast supplier network to mitigate risk to Microsoft’s supply chain.
• Discover adversarial front companies with links to adversaries and evaluate compromises to Microsoft’s supply chain.
• Collaborate across Microsoft teams and partner groups and integrate intelligence into products.
• You will produce actionable intelligence and develop process to share this actionable intelligence with various parts of Microsoft.
• In this role, you will be responsible for collaborating with these, and other, stakeholders from Microsoft to protect both Microsoft assets and Microsoft’s customer base through improved product and services offerings.
• You will strengthen existing partnerships and build new ones with key organizations to deliver benefits to Microsoft and its customers.
• Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals.
• Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
• In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.