Vacancy expired!
The Digital Crimes Unit (DCU) is seeking an experienced and knowledgeable investigator to develop and manage highly technical investigations involving some of the most infectious malware impacting Microsoft, its customers, and the public worldwide. A successful candidate will have a working knowledge of malware reverse engineering, behavioral analysis, live and traditional forensics as well as deep technical understanding of malware infrastructure and network protocols. The applicant must also demonstrate a deep familiarity of how criminals have and are currently abusing the Internet and cloud enabled services, for the purpose of harming customers and citizens. This position requires a strong commitment to excellence and the ability to work both independently as well as an integral part of a high performing team.For information on the types of investigations/cases DCU investigators work on, please go to: Digital Crimes Unit: Leading the fight against cybercrime - On the Issues (microsoft.com) (https://news.microsoft.com/on-the-issues/2021/04/15/how-microsofts-digital-crimes-unit-fights-cybercrime/)ResponsibilitiesSkills and Qualifications:Working knowledge in malware analysis, malware reverse engineering and behavioral malware analysis. Identifies, conducts, and supports others in conducting research into critical security areas, current attacks, tracking binary updates, and malware infrastructure. Partners cross-functionally (e.g., across disciplines, teams, or security versus non-security) to design solutions and tools to monitor malware infrastructure and propagation.
Expert knowledge in network protocol analysis tools and techniques. Architects’ solutions and automation related to specific kinds of security issues (e.g., signature detection, malware, threat analysis, reverse engineering). Skilled in more than one sub-specialty at some depth.
Expert knowledge in intelligence analysis and reporting using common tools and techniques. Tracks advances within the industry, identifies relevant research, and adapts algorithms and/or techniques to develop new tools and automations to be used in malware disruption efforts.
Demonstrated experience in memory forensics, live system forensics and traditional system forensics
Demonstrated experience in defensive and offensive operations against threats to corporate and/or consumer information systems and services. Defines and collects the information that is needed and analyzes information to gain insight into and address complex security problems and threats with a view towards developing technical/legal countermeasures. Works with others to incorporate findings into future actions aimed at disrupting malware infrastructure and stopping malware propagation (e.g. creates working groups).
Demonstrated experience operating in secure malware laboratory environments
OtherEmbody our culture (https://careers.microsoft.com/us/en/culture) and a demonstrated commitment to the company’s core values (https://www.microsoft.com/en-us/about/corporate-values) , including a commitment to high ethical standards, unquestioned integrity, and a commitment to advancing the company’s diversity & inclusion commitments.
QualificationsExperience Required:5+ years’ experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection OR Master’s Degree in Statistics, Mathematics, Computer Science or related field.
4+ years of experience in technical investigations for government and/or private sector organizations
Preferred Tools Proficiency:Analytical Tools: Microsoft Excel, Microsoft SQL Server, I2 Analyst Notebook, Paterva Maltego, Kusto (Azure Data Explorer), Python, and/or other scripting language
Forensic Tools: Guidance Encase, Access Data FTK, Helix, ProDiscover, X-Ways Forensics, and/or WinHex
Preferred Qualifications:Industry certifications related to security and/or investigations
#CELAMicrosoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form (https://careers.microsoft.com/us/en/accommodationrequest) .Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Vacancy expired!