New
Cybersecurity Incident Response Team Lead
Microsoft | |
United States, Texas, Irving | |
7000 State Highway 161 (Show on map) | |
Dec 23, 2024 | |
OverviewWith over 18,000 employees worldwide, the Microsoft Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of Microsoft's end-to-end customer experience. Come join CE&S and help us build a future where customers come to us not only because we provide industry-leading products and services, but also because we provide a differentiated and connected customer experience. The Global Customer Success (GCS) organization is leading the effort to create the desired customer experience through support offer creation, driving digital transformation across our tools, and delivering operational excellence across CE&S. We are looking for a Cybersecurity Incident Response Team Lead to join our organization.Are you looking for an exciting opportunity to lead Microsoft''s response efforts to protect over a billion customers around the world? Are you excited about cybersecurity and ready to join a passionate security response team dedicated to protecting customers from emerging cybersecurity threats? If so, this role may be your next opportunity. Microsoft Detection and Response Team (DART) is looking for a motivate and experienced security professional to Lead and manage all aspects of Cybersecurity Incident Response engagements. The Team Lead plays a vital role in responding to major cybersecurity incidents. They guide multi-functional teams through the incident response process, ensuring a balance between speed of recovery, evidence preservation, and security of the restoration process. As a Lead Investigator, you'll operate like the conductor of an orchestra, coordinating actions and adapting quickly to complex situations. Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
ResponsibilitiesElevates findings appropriately to address and mitigate issues.Balances value of dissemination over risk of divulging techniques.Works with others to incorporate findings into future designs and analyses (e.g. creates working groups).Leads data quality efforts to ensure timely and consistent access to data sources.Leads efforts to clean, structure, and standardize data and data sources.Creates a schedule for analysis of multiple feature areas.Develops guidelines, models, and best practices to enable teams to avoid common patterns of issues.Architects solutions across multiple teams and organizations, and automation related to specific kinds of security issues (e.g., signature detection, malware, threat analysis, reverse engineering).Drives the development of guidance and education that result from resolution of security issues.Advocates for key security issues and mitigations to teams and upper management.Evangelizes security practices across the company.Applies subject matter expertise and leads postmortem and root-cause analyses for complex and/or large-scale, live site issues to create repair items, specifies tools and systems that support incident management, and mitigates and resolves issues across organizations.Ensures best practices for security architecture, design, and development are in place.Incident Response Leadership: Experience in high pressure incident response environments where customers are experiencing a potentially business-ending event and your evidence-driven plans of action dictate their next steps.Lead and manage incident response efforts during cybersecurity incidents by clearly understanding customer requirementsIdentify gaps early in the engagement process and request appropriate resources to fill those gaps.Coordinate with technical teams, consultants, and partners to orchestrate an appropriate response and ensure the engagement is completed on time to provide the most complete engagement for the customer.Balance the need for rapid recovery with data collection and evidence preservation.Direct activities to secure the environment and assess potential data theftManagement of large scale incidents in a follow-the-sun format working with fellow team members from across the globe.Contextual application of MITRE Attack Framework and or OSI Model.Embody our Culture and Values |