Senior Incident Response Engineer Milano

Senior Incident Response Engineer
Milano
Lombardia, Milano

Interested in security and incident response? Then come join the Cybersecurity Incident Response Team (CIRT) at Microsoft as a Senior Incident Response Engineer responsible for helping customers investigate security incidents in their environment. As a Senior Incident Response engineer, you will be an elite member of a customer-facing security support team leading incident response investigations for Microsoft's enterprise customers. You have experience in analysing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents. You are familiar with collecting and analysing security incident related data to identify indicators of attack and compromise.

In the Customer Service & Support (CSS) team, we are looking for people with a passion for delivering customer success. As a Senior Incident Response Engineer, you will own, troubleshoot and solve highly complex customer technical issues. This opportunity will allow you to accelerate your career growth by honing your problem-solving, collaboration and research skills, and developing your technical proficiency.

This role is flexible in that you can work up to 100% from home.

ResponsibilitiesResponsibilities: Scope customer security incidentsUnderstand and identify indicators of attack and indicators of compromiseAnalyse incident data from threat analytics toolsCollaborate with the Security and Threat Intelligence teams by providing indicators of compromise and samples of malware from the customer's environmentCoordinate a response to the security incident with other Microsoft security and consulting teams. Develop, document, and implement runbooks, capabilities, and techniques for Incident ResponsePerform security triage and analysis on endpoint, server and network infrastructure. Perform activities necessary for immediate containment and short-term resolution of incidents. Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilitiesInvestigate root cause of complex security incidentsMaintain a high level of confidentialityParticipate in the on-call rotation as requiredQualificationsRequired/Minimum Qualifications (RQs/MQs) Native or excellent written and spoken Italian language skillsMinimum 2+ years Security Incident Response experience with recent operational security experience (SOC, Malware Analysis, IDS/IPS Analysis, threat analytics, windows server, and endpoint security, etc. )Minimum 2+ years Cloud investigations experience with Entra ID, Microsoft 365 and Microsoft Defender solutionsMinimum 1+ years customer facing experienceExperience supporting large and complex geographically distributed enterprise environments with 1000+ usersMinimum 1+ years of experience in Network Security Administration, and/or Systems Administration with experience in Windows Server, Windows Client, and Active Directory AdministrationBachelor's degree in Computer Science, Information Technology (IT), or related field AND 5+ years of technical support, technical consulting experience, or information technology experienceAdditional or Preferred Qualifications (PQs) Experience in Entra ID and Microsoft 365 management and troubleshootingExperience with any Microsoft Defender solutionsExperience in Azure Identity management and troubleshootingKusto Query Language knowledgeCloud experience with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deploymentsAutomation (PowerShell and/or Python, Java, or a similar language, can be a beginner to intermediate level). Preferred IT Industry certifications (Microsoft Certifications On-Prem or Cloud, SANS GCIH, CISSP, CEH, Amazon AWS, etc. )Preferred Bachelor's degree or higher in a technical field, or relevant work experienceExperience in Linux and/or Mac administrationLanguage Qualification Italian Language: fluent in reading, writing and speaking.

English Language: fluent in reading, writing and speaking.

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.

#J-18808-Ljbffr