Security Operations Engineer
Microsoft
Security Operations Engineer
Hyderabad, Telangana, India
Save
Overview
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate.
Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate.
We are looking for a skilled Security Engineer with a role focused on detecting and responding to threats against Microsoft’s environment. This role is part of Microsoft’s CDO – Cyber Defense Operations. About CDO - Cyber Defense Operations. An organization led by Microsoft’s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework. The Security Engineer will support incident response and conduct forensic investigations to identify, contain, and resolve security threats. Implement countermeasures to address evolving risks and ensure the resilience of enterprise systems. Collaborate with cross-functional teams to drive platform hardening, enforce security maintenance protocols, and execute vulnerability remediation procedures effectively. Your expertise will play a pivotal role in protecting Microsoft’s operations, ensuring compliance, and strengthening our security posture.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
Qualifications
• Atleast 3 years in SOC roles focusing on identifying security vulnerabilities, conducting forensics, social engineering, threat modelling, and security architecture.
• Hands on experience with incident analysis.
• Understanding of Windows internals
• Understanding Linux and Mac OS.
• Understanding of various attack methods, vulnerabilities, exploits, malware.
• Good Understanding of SIEM Console.
• Social engineering - given that humans are the weakest link in the security chain, an analyst's expertise can help with awareness training
• Security assessments of network infrastructure, hosts and applications - another element of risk management
• Forensics - investigation and analysis of how and why a breach or other compromise occurred
• Troubleshooting - the skill to recognize the cause of a problem
• DLP, AV, FIM, web proxy, email proxy, etc. - a comprehensive understanding of the tools utilized to protect the organization.
• Scripting knowledge in KQL, PowerShell, Python, general batch/shell scripting.
• Excellent written and verbal communication skills.
• Security certifications such as Network++, CySA+, or CCNA are highly desirable.
• Experience with Azure Sentinel and Microsoft Defender for Office is a plus.
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: This position will be required to pass the Microsoft background check upon hire/transfer and every two years thereafter.
Preferred Qualifications:
| • Leadership, empathy, interpersonal and communication skills • 3+ years' experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection • TCP/IP, Firewall, computer networking, routing and switching - an understanding of the fundamentals: the language, protocol and functioning of the internet • MS degree in Computer Science, Risk Management, Cyber Security, or related field OR equivale AI Experience in security will be preferred |
Responsibilities
• Monitor, detect, and respond to security incidents with a focus on phishing threats using tools like Microsoft Defender for Office and Azure Sentinel.
• Conduct in-depth incident analysis and forensic investigations to determine root causes and escalate valid threats.
• Analyze and interpret data from SIEM consoles, correlating events across multiple sources to identify potential threats.
• Investigate and respond to social engineering attempts, contributing to awareness training and user education.
• Utilize scripting skills (KQL, PowerShell, Python, shell scripting) to automate detection and response workflows.
• Work with DLP, AV, FIM, web/email proxies, and other security tools to ensure comprehensive protection across the organization.
• Collaborate with cross-functional teams to improve security posture and support compliance initiatives. • Document incidents, procedures, and playbooks with clarity and precision.
• Stay current with evolving threat landscapes and contribute to continuous improvement of SOC processes.