Explore thousands of opportunities across Tech:NYC’s member network.

677

companies

7,670

Jobs

My job alerts

Incident Response Engineer - CIRT

Microsoft

Posted on Apr 22, 2025

Apply now

Incident Response Engineer - CIRT

Sydney, New South Wales, Australia

Save

Share job

Date posted

Apr 22, 2025

Job number

1819941

Work site

Up to 100% work from home

Travel

0-25 %

Role type

Individual Contributor

Profession

Technical Support

Discipline

Technical Support Engineering

Employment type

Full-Time

Overview

With over 17,000 employees worldwide, the mission of the Customer Experience & Success (CE&S) organization is to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft’s products and services, ignited by our people and culture. Come join CE&S and help us build a future where customers achieve their business outcomes faster with technology that does more.

Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft’s AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment.

As a Senior Incident Response engineer, you will be an elite member of a customer facing security support team leading incident response investigations for Microsoft’s enterprise customers. You have experience in analysing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents. You are familiar with collecting and analysing security incident related data to identify indicators of attack and compromise.

In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Senior Incident Response Engineer you will own, troubleshoot and solve highly complex customer technical issues. This opportunity will allow you to accelerate your career growth by honing your problem-solving, collaboration and research skills, and developing your technical proficiency.

This role is flexible in that you can work up to 100% from home.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Qualifications

Required Qualifications:

• Bachelor's degree in Computer Science, Information Technology (IT), or related field AND 5+ years of technical support, technical consulting experience, or information technology experience

o OR 7+ years of technical support, technical consulting experience, or information technology experience.

o OR equivalent experience

• Minimum 2+ years Security Incident Response experience with recent operational security experience (SOC, Malware Analysis, IDS/IPS Analysis, threat analytics, windows server, and endpoint security, etc.)

• Minimum 2+ years Cloud investigations experience with Entra ID, Microsoft 365 and Microsoft Defender solutions

• Minimum 2 years customer facing experience

• Experience supporting large and complex geographically distributed enterprise environments with 1000+ users

• Minimum 1+ years of experience in Network Security Administration, and/or Systems Administration with experience in Windows Server, Windows Client, and Active Directory Administration

• Experience in Entra ID and Microsoft 365 management and troubleshooting

• Experience with any Microsoft Defender solutions

• Experience in Azure Identity management and troubleshooting

• Kusto Query Language knowledge

• Cloud experience with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments

• Automation (PowerShell and/or Python, Java, or a similar language, can be a beginner to intermediate level).

• Preferred IT Industry certifications (Microsoft Certifications On-Prem or Cloud, SANS GCIH, CISSP, CEH, Amazon AWS, etc.)

• Preferred Bachelor’s degree or higher in a technical field, or relevant work experience

Experience in Linux and/or Mac administration

Ability to meet Microsoft, customer and / or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter.

Responsibilities

• Scope customer security incidents
• Understand and identify indicators of attack and indicators of compromise
• Analyse incident data from threat analytics tools
• Collaborate with the Security and Threat Intelligence teams by providing indicators of compromise and samples of malware from the customer’s environment
• Coordinate a response to the security incident with other Microsoft security and consulting teams.
• Develop, document, and implement runbooks, capabilities, and techniques for Incident Response
• Perform security triage and analysis on endpoint, server and network infrastructure.
• Perform activities necessary for immediate containment and short-term resolution of incidents.
• Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities
• Investigate root cause of complex security incidents
• Maintain a high level of confidentiality
* Participate in the on-call rotation as required

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

Industry leading healthcare

Educational resources

Discounts on products and services

Savings and investments

Maternity and paternity leave

Generous time away

Giving programs

Opportunities to network and connect

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Apply now

See more open positions at Microsoft

Privacy policy Cookie policy