Are you interested in working on the cutting edge of enterprise security products? Do you want to combat evolving, advanced security threats? Do you want to build intelligence and analytics systems powering one of the most advanced security products Microsoft offers today? Windows Defender Advanced Threat Protection (WDATP) is the security service that enables Microsoft's enterprise customers to detect, investigate, and respond to advanced threats on their networks via a combination of endpoint behavioral sensors, cloud security analytics, and threat intelligence. We are looking for deeply technical and passionate analysts who are interested in working on an emerging product in a fast-paced, startup-style environment to deliver applied research in the form of an intelligence service that ships continuously.
Design and implement scalable systems and user experiences for analyzing data across cyber intelligence knowledge graphs to identify and track sophisticated attacker techniques, tools, and infrastructure. Build hunting tools and automations for use in the discovery of emerging threats and human adversaries. Utilize threat research to improve our analytic capabilities, develop new detection methodology, and influence the development of sensor capability. Connect threat data and workflows among our internal and external partners, improving our ability to hunt for and identify cyber threats. Develop
Required qualifications: 5+ years of professional experience designing and developing software or services. 3+ years of experience in cyber-security, cyber-defense, or cyber incident response.

Preferred qualifications: Strong programming or scripting background (Python, PowerShell, C#, C++, etc.). 2+ years of experience building high-scale distributed data-oriented systems. Background in design and implementation of large-scale data mining and workflow systems. Experience working with high-volume, highly dimensional data at scale using distributed parallel processing systems (e.g. Hadoop, Spark),