RedmondRecruiter Since 2001
the smart solution for Redmond jobs

Senior Hunt Analyst

Company: Microsoft Corporation
Location: Redmond
Posted on: September 23, 2022

Job Description:

Microsoft Threat Intelligence Center (MSTIC) is recruiting experienced cyber threat intelligence professionals with experience in, and a passion for, helping clients defend themselves against targeted attacks. This role will work between Microsoft's Detection and Response Team (DART) and MSTIC Threat Intelligence analysts. Hunt analysts will hunt for adversary behavior during DART engagements, work with product teams to enhance detections, and link behavior to activity groups for sustained tracking.


As a hunt analyst, you will work side by side with DART consultants on incident response investigations and proactive engagements. You will identify adversarial behavior (TTPs), tooling, and indicators using multiple data sources and model it in our systems. You will define, develop, and implement techniques to discover and track current adversaries and identify the attacks of tomorrow. You will act as a trusted advisor to incident investigators and customers, identifying and communicating threats effectively to drive clarity and earn customer trust.

This role will work as part of a collaborative team and will be responsible for:

+ Work alongside the Detection and Response Team (DART) identifying attacker activity during investigations

+ Analyze indicators found / behaviors observed to improve product detections via collaboration with partner teams

+ Cluster and model data from investigations

+ Prepare briefings for internal threat-focused MSTIC teams


**Required Qualifications**

+ 3+ years supporting incident response and deeply familiar with common incident response procedures, processes, and tools

+ 3+ years producing actionable threat intelligence on targeted and advanced persistent adversaries enabling network and host defenses in external organizations with demonstrable impact

+ Proven track record of collaborating across teams with threat hunters, analysts, incident responders, and customer representatives

+ Extensive attribution experience including creating threat groups, assessing connections between established threat groups, and communicating attribution assessments to internal stakeholders and customers

+ Experience providing threat intelligence support directly to customers including briefings and written reports

+ Familiarity and understanding of basic SQL or KQL queries

**Preferred Qualifications**

+ Knowledge of forensic and incident response processes and terminology

+ Excellent oral and written communication skills

+ Experience with threat intelligence data models and visualization tools

+ Proven knowledge of security fundamentals across Microsoft platforms (Client, Server, Cloud)

+ Microsoft Azure and/or Office 365 platform knowledge and experience

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
