Digital Crimes Unit Investigator

Microsoft

Oklahoma, USA
USD 115,000-200,300 / year
Posted on Nov 9, 2024
Microsoft’s Digital Crimes Unit (DCU) has an immediate opening for a highly qualified Digital Crimes Unit Investigator to handle global investigations and drive high-impact disruption operations targeting sophisticated cybercriminal networks and online threat groups. DCU embodies Microsoft’s commitment to security and continues to innovate and evolve to combat the increasingly sophisticated actors operating in cyberspace. This role will focus on proactive, technical investigations of cyberattacks and threats directed at Microsoft, its customers, and democratic institutions, including those abusing Artificial Intelligence (AI) technology for malicious motives.

Microsoft’s Digital Crimes Unit

Microsoft’s DCU is a global team of attorneys, investigators, and analysts committed to leading the fight against cybercrime to protect our customers and promote global trust in Microsoft. Through strategic partnerships with Microsoft’s unparalleled Threat Intelligence community, fraud and abuse teams, and engineering support, DCU develops and employs innovative legal and technical strategies to detect, disrupt, and deter cybercriminals, nation-state actors, and cyber-enabled fraud actors. DCU sits in Customer Security & Trust (CST) within Microsoft’s Corporate, External, and Legal Affairs (CELA).

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Responsibilities

DCU is searching for a technically skilled investigator to join our agile and dedicated team. Ideal candidates should have a demonstrated interest in expanding their skills and expertise into new areas and cutting-edge technology, including AI, and commitment to the unique mission of DCU. AI has the potential to change the world, and Microsoft is committed to advancing ethical principles about its use and to identifying and combatting its misuse. Moreover, technology quickly changes, as do the threats and malicious activity. The candidate should be able to thrive in ambiguity, identify critical stakeholders, and deliver results under time constraints.

In this role, you will confront some of the most prolific cybercrimes, including ransomware and other malware, business email compromise (BEC) and account takeover attacks, tech support fraud, and the array of online scams, and some of the most sophisticated cyber actors, including financially motivated networks and state-sponsored groups. You will have the opportunity to work side-by-side and collaborate with world-class threat intelligence and security professionals, security engineers, and fraud and abuse analysts and investigators on investigations of complex cybercrime activity and to develop and compile evidence to build affirmative cases against sophisticated online criminal networks and nation-state actors. You will serve as one of DCU’s investigative experts on cybercrime detection, identifying and mapping malicious technical infrastructure, preventing unauthorized access and misuse of Microsoft services, and protecting customers. You will collaborate closely with various security teams across the company to help drive strategies to investigate and disrupt cybercrime to protect our service and customers. Most significantly, you will make the online ecosystem a safer place for users globally.

  • Identify and analyze data sources to uncover cybercrime patterns and trends targeting our services and customers
  • Build proof-of-concept and prototype threat hunting tools, automations, and new capabilities
  • Collaborate with security engineers and cross-company stakeholders to implement comprehensive investigative and enforcement strategies
  • Conduct analysis on large, complex data sets to detect and investigate anomalies, develop actionable insights and strategies
  • Identify and map malicious technical infrastructure used to facilitate cybercrime
  • Work independently to detect, investigate, and understand new and emerging cybercrime attack vectors
  • Partner with DCU attorneys to develop legal strategies to disrupt and impact online criminal networks
  • Draft criminal referrals for law enforcement
  • Provide expert witness testimony in court filings and proceedings
  • Exceptional written and verbal communication skills, including the ability to translate complex technical findings for a broad range of stakeholders, such as law enforcement, legal counsel, and executives

Embody our Culture and Values

Qualifications

Required/Minimum Qualifications

  • 5+ years experience in Compliance, Finance, Data-Analytics, Investigations, or related field
    • OR equivalent experience.
  • Experience with sophisticated threat actor evidence, including familiarity with common Indicators of Compromise (IOCs), Indicators of Activity (IOAs), and Tools, Techniques, and Procedures (TTPs)

Other Requirements

Citizenship & Citizenship Verification: This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport.

Citizenship & Citizenship Verification: This role will require access to information that is controlled for export under U.S. export control regulations, potentially under the International Traffic in Arms Regulations or the Export Administration Regulations. As a condition of employment, the successful candidate will be required to provide proof of citizenship, for assessment of eligibility to access the export-controlled information. To meet this legal requirement, citizenship will be verified via a valid passport.

Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications

  • Industry certifications related to security and/or investigations in incident response and computer forensics
  • Extensive experience in attribution, creating threat groups, assessing linkages between established threat groups, and communicating attribution assessments to internal stakeholders
  • Proficiency with attacks on endpoints, clouds, networks, and identity-based systems, datasets, communication skills, and investigative practices
  • Published research (blogs, presentations, etc.) on new threat actor TTPs
  • Experience in cryptocurrency and blockchain investigation tools.
  • A solid understanding of Microsoft organizations, technologies, and products and services, especially as they relate to security or threat detection and intelligence
  • Ability to obtain and maintain a United States Security Clearance
  • Proficient knowledge in malware analysis, malware reverse engineering, and behavioral malware analysis
  • Advanced knowledge in intelligence analysis and reporting using standard tools and techniques
  • Advanced skills in analyzing large datasets and developing effective investigative action plans
  • Proven experience in both defensive and offensive operations against threats to corporate or consumer information systems and services

Preferred Tools Proficiency

  • Analytical Tools: Microsoft SQL Server, I2 Analyst Notebook, Paterva Maltego, Kusto (Azure Data Explorer), Python, and other scripting languages

Investigations IC5 - The typical base pay range for this role across the U.S. is USD $115,000 - $200,300 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $146,200 - $219,200 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until November 21, 2024.

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.