Senior Incident Response Engineer Lazio

Senior Incident Response Engineer
Roma
Lazio, Lazio

Interested in security and incident response? Join the Cybersecurity Incident Response Team (CIRT) at Microsoft as a Senior Incident Response Engineer responsible for helping customers investigate security incidents in their environment.

With over 18, 000 employees worldwide, the Microsoft Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of Microsoft's end-to-end customer experience. Help us build a future where customers come to us not only because we provide industry-leading products and services, but also because we provide a differentiated and connected customer experience.

As a Senior Incident Response Engineer, you will be an elite member of a customer-facing security support team leading incident response investigations for Microsoft's enterprise customers. You will analyze, triage, scope, contain, provide guidance for remediation, and determine the root cause of security incidents. You are familiar with collecting and analyzing security incident-related data to identify indicators of attack and compromise.

This role is flexible, allowing you to work up to 100% from home.

Microsoft's mission is to empower every person and every organization on the planet to achieve more. We come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities:

Scope customer security incidents

Understand and identify indicators of attack and indicators of compromise

Analyze incident data from threat analytics tools

Collaborate with the Security and Threat Intelligence teams by providing indicators of compromise and samples of malware from the customer's environment

Coordinate a response to the security incident with other Microsoft security and consulting teams

Develop, document, and implement runbooks, capabilities, and techniques for Incident Response

Perform security triage and analysis on endpoint, server, and network infrastructure

Perform activities necessary for immediate containment and short-term resolution of incidents

Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities

Investigate root cause of complex security incidents

Maintain a high level of confidentiality

Participate in the on-call rotation as required

Qualifications:

Required/Minimum Qualifications (RQs/MQs) Native or excellent written and spoken Italian language skills

Minimum 2+ years Security Incident Response experience with recent operational security experience (SOC, Malware Analysis, IDS/IPS Analysis, threat analytics, Windows server, and endpoint security, etc. )

Minimum 2+ years Cloud investigations experience with Entra ID, Microsoft 365, and Microsoft Defender solutions

Minimum 1+ years customer-facing experience

Experience supporting large and complex geographically distributed enterprise environments with 1000+ users

Minimum 1+ years of experience in Network Security Administration, and/or Systems Administration with experience in Windows Server, Windows Client, and Active Directory Administration

Bachelor's degree in Computer Science, Information Technology (IT), or related field AND 5+ years of technical support, technical consulting experience, or information technology experience

Additional or Preferred Qualifications (PQs) Experience in Entra ID and Microsoft 365 management and troubleshooting

Experience with any Microsoft Defender solutions

Experience in Azure Identity management and troubleshooting

Kusto Query Language knowledge

Cloud experience with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments

Automation (PowerShell and/or Python, Java, or a similar language, can be a beginner to intermediate level)

Preferred IT Industry certifications (Microsoft Certifications On-Prem or Cloud, SANS GCIH, CISSP, CEH, Amazon AWS, etc. )

Preferred Bachelor's degree or higher in a technical field, or relevant work experience

Experience in Linux and/or Mac administration

Language Qualification

Italian Language: fluent in reading, writing, and speaking.

English Language: fluent in reading, writing, and speaking.

Ability to meet Microsoft, customer, and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations, and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

#J-18808-Ljbffr