The Microsoft Threat Intelligence Center (MSTIC), a part of Cloud and AI, is looking for a seasoned software development engineer with experience in supporting threat intelligence analysts to help build and drive our threat intelligence operations. MSTIC is responsible for delivering timely threat intelligence across our product and services teams, assist with our engineering response to security issues/incidents, and assists with government policy outreach for the company.
In this role you be responsible for supporting threat intelligence analysts by creating tools and software to enable identifying and tracking sophisticated adversaries. Work with analysts by observing gaps and opportunities to provide efficiencies in the data Provide feedback to PMs that have long term planning of tool development Define, develop, and implement tooling and techniques to both discover and track adversaries of today and identify the attacks of tomorrow. Develop software to support triage and analysis of datasents and information associated with APT activity and behavior as well as
Required Qualifications: 5+ years of professional software development lifecycle experience in C# , C++, and/or Python 5+ years working with products and services to improve security for customers 2+ years developing on Azure PaaS technologies such as; Functions (and Durable Functions), Storage (blob, table, queues), Event Hubs, and Azure Data Factory Preferred Qualifications: 5+ years of experience of development involving extraction/manipulation/summarization of security logs and feeds 4+ years of experience correlating across very large and diverse datasets (ADE, Azure Data Lake, ) 4+ years