Job Description

Overview

The Microsoft Incident Response - the Detection and Response Team (DART) seeks a skilled and experienced

Senior Cybersecurity Infrastructure Engineer

with a background in Active Directory and cloud identity management to join our cybersecurity incident response team. DART is the first port of call for many customers during a security incident, providing rapid containment, investigation, and recovery services.


Along with supporting reactive incident response cases for some of the most esteemed businesses in the world, Infrastructure Engineers will work cohesively with Incident leads, Threat Hunters and other resources to build trust and drive significant change in any business they come into contact with. The individual should possess excellent documentation skills, and be confident in disseminating knowledge both across the team and across partner teams within Microsoft. Thought leadership is a key priority, in the form of written and spoken content delivered both internally and externally. Any successful candidate should also embody Microsoft's culture and values.


Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

Serve as an infrastructure specialist during incident response engagements, focusing on identity systems and enterprise infrastructure. Lead containment and recovery efforts for compromised Active Directory and Entra ID (formerly Azure AD) environments. Collect and analyze forensic data from identity platforms and infrastructure components. Implement identity hardening and recovery strategies pre and post compromise. Collaborate with threat intelligence, reverse engineering, and hunting teams to deliver holistic incident response. Contribute to the development, delivery, and continuous improvement of internal and customer facing programs Document findings and recommendations in clear, actionable reports for customers and internal stakeholders.

Qualifications

Required/minimum qualifications

Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience. 3+ years of hands-on experience with Active Directory, Entra ID, or other enterprise identity platforms. Ability to script or automate tasks using PowerShell or similar tools. Ability to travel on short notice, work shifts, including shift assignments during non-standard business hours that may include evening, nighttime, weekends, and/or holidays.

Other Requirements

The ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Additional or preferred qualifications

Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience. An understanding of identity-related attack techniques (e.g., Golden Ticket, Pass-the-Hash, Kerberoasting). Experience with identity recovery and hardening in post-breach scenarios Familiarity with Windows Server infrastructure, DNS, DHCP, and Group Policy. Familiarity with Linux and/or macOS usage and administration. Effective communication skills and the ability to convey technical content with clarity and context. Experience in incident response, digital forensics, or threat hunting. Familiarity with Microsoft Defender XDR, Sentinel, or other SIEM/SOAR platforms. Experience using KQL French communication skills will be considered an asset.


#DART #MicrosoftIR #IncidentResponse







Security Research IC4 - The typical base pay range for this role across Canada is CAD $114,400 - CAD $203,900 per year.


Find additional pay information here:

https://careers.microsoft.com/v2/global/en/canada-pay-information.html



Security Research IC4 - L'echelle salariale de base typique pour ce role dans l'ensemble du Canada est de 114,400 $ CAD a 203,900 $ CAD par annee.
Pour plus d'information au sujet de la remuneration, veuillez cliquer ici:

https://careers.microsoft.com/v2/global/en/canada-pay-information.html



Ce poste sera ouvert pendant au moins cinq jours et les candidatures seront acceptees de facon continue jusqu'a ce que le poste soit pourvu.



This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.



Microsoft est un employeur offrant l'egalite d'acces a l'emploi. Tous les candidats qualifies seront pris en consideration pour l'emploi, sans egard a l'age, a l'ascendance, a la citoyennete, a la couleur, aux conges medicaux ou familiaux, a l'identite ou a l'expression de genre, aux renseignements genetiques, a l'etat d'immigration, a l'etat matrimonial, a l'etat de sante, a l'origine nationale, a un eventuel handicap physique ou mental, a l'affiliation politique, au statut de veteran protege ou au statut militaire, a la race, a l'ethnie, a la religion, au sexe (y compris la grossesse), a l'orientation sexuelle ou a toute autre caracteristique protegee par les lois, ordonnances et reglements locaux applicables. Si vous avez besoin d'aide avec des accommodements religieux et/ou d'un accommodement raisonnable en raison d'un handicap pendant le processus de candidature, apprenez-en plus sur la

demande d'accommodement.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process

.