Microsoft Corporation Service Engineer 2 in Redmond, Washington

Does protecting over 1 billion customers and making the cyber world a better place sound exciting? Do you have what it takes to be part of the top security response team in the world? Are you passionate about solving the threat detection and security response challenges of Cloud Computing? The Security Operations Center within the Cloud and AI group is in need of motivated, self-driven Detection Analysts and Security Responders to help tackle these important challenges.

The Security Operations Center within the Microsoft Security Response Center (MSRC) is the front line that defends our customers that use Microsoft's Cloud platform and online services. The successful candidate must be able to perform security investigations, analyze detections, and, through those investigations, give detection authors actionable feedback as they build new detection capabilities for the Cyber Defense Operations Center (CDOC).

If you are passionate about defending and protecting customers, then this opportunity may be for you. We are a fast-paced team that constantly provides new opportunities to learn and grow.


Specific functions include:

  • Monitor & respond to security events, potential vulnerabilities, exposures, and policy compliance issues.

  • Provide security incident response and management, investigation, and consultation until issue closure.

  • Support the Security Operations Center’s (SOC) Data Analytics program by managing the SOC’s detection ecosystem.

  • Hunt for and analyze results from threat intelligence data.

  • Create technical documentation such as TSGs, FAQs and SOPs.


Desired Qualities:

  • Willing to take action.

  • Knowledge of Windows, Network Devices, and Linux (*nix) system audit logging.

  • Able to work independently.

  • Possess the ability to work effectively in ambiguous situations and respond favorably to change.

  • Highly developed analytical skills, with sound judgement and follow-through in complex situations.

  • Excellent interpersonal skills, and strong written and verbal communication skills.

Desired Qualifications:

  • 2 years of extensive experience within a Security Operations Center, or building SIEMs.

  • Experience in developing services or scripts for automation of analysis and response.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form at .

The ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:

Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

This position requires verification of US Citizenship to meet federal government security requirements.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.