The Microsoft Threat Intelligence Center (MSTIC), a part of Cloud and AI, is looking for a seasoned software development engineer with experience in supporting threat intelligence analysts to help build and drive our threat intelligence operations. MSTIC is responsible for delivering timely threat intelligence across our product and services teams, assisting with our engineering response to security issues/incidents, and assisting with government policy outreach for the company.
In this role you will be responsible for supporting threat intelligence analysts by creating tools and software to enable identifying and tracking sophisticated adversaries.
Work with analysts by observing gaps and opportunities to provide efficiencies in the data.
Provide feedback to PMs that have long-term planning of tool development.
Define, develop, and implement tooling and techniques to both discover and track adversaries of today and identify the attacks of tomorrow.
Develop software to support triage and analysis of datasets and information associated with APT activity and behavior as well as
Required Qualifications:
5+ years of professional software development lifecycle experience in C#, C++, and/or Python
5+ years working with products and services to improve security for customers
2+ years working with big data technologies (Cosmos, Hadoop, Azure Data Lake, etc.)

Preferred Qualifications:
Experience with development involving extraction/manipulation/summarization of security logs and feeds
2+ years of experience correlating across very large and diverse datasets (ADE, Azure Data Lake, )
2+ years working with SQL-based databases
Experience working closely with threat intelligence