Cyber Security Analyst – Investigations Team

Share job

Date posted

Oct 21, 2025

Job number

1896975

Work site

0 days / week in-office - remote

Travel

0-25 %

Role type

Individual Contributor

Profession

Security Engineering

Discipline

Security Operations Engineering

Employment type

Full-Time

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.

We are hiring a Cyber Security Analyst. As a Security Analyst on the CDO CDI INV team, you will play a critical role in safeguarding our Microsoft infrastructure, applications, and data. You’ll work closely with engineering, operations, and compliance teams to detect, investigate, and respond to security threats, while also contributing to the development of proactive defense strategies.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

• Bachelor's Degree in Statistics, Mathematics, Computer Science or related field

• OR 3+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response.

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

• Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

• Master's Degree in Statistics, Mathematics, Computer Science or related field

• OR 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.

• CISSP CISA CISM SANS GCIA GCIH OSCP Security+

• 3+ years of hands-on experience in Security Operations Center (SOC), threat detection and analysis, and/or Incident Response (IR).

• 2+ years of professional software development life-cycle experience in one of the following: C#, JavaScript, or Python.

• Experience working collaboratively in a team environment, especially within diverse organizations.

• Experience analyzing a wide variety of network and host security logs to detect and resolve security issues.

• Understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK.

• Deep understanding of system internals on Windows, MacOS, and Linux.

• Experience automating and developing with Python, Jupyter Notebooks, PowerShell, or R, and working with REST APIs.

• Experience correlating across large and diverse datasets (Azure Data Lake, Azure Data Explorer, Cosmos DB).

• Knowledge of network architecture (LAN and WAN) and the threat landscape.

• Knowledge of KQL is an added advantage.

• 2+ years working with SQL-based databases.

Security Operations Engineering IC3 - The typical base pay range for this role across the U.S. is USD $100,600 - $199,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $131,400 - $215,400 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until October 24, 2025.

#MSSecurity #CISOOrg #CDO

• Monitor and analyze security events using SIEM tools and threat intelligence platforms, using the Microsoft Defender suite.

• Investigate and respond to security incidents, coordinating with stakeholders to ensure timely resolution.

• Conduct security investigation and support remediation efforts across systems and applications.

• Develop and maintain security dashboards, reports, and metrics to track risk posture and incident trends.

• Collaborate with engineering teams to integrate security into CI/CD pipelines and cloud environments.

• Support compliance initiatives and audits by providing evidence and documentation.

• Contribute to threat modeling, tabletop exercises, and red/blue team engagements.

• Embody our culture and values