Cloud Security Engineer

Overview In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day and we need you as a Cloud Security Engineer. Microsoft’s Cloud Operations & Innovation (CO+I) is the engine that powers our cloud services.

As a Cloud Security Engineer you will perform a key role in delivering the core infrastructure and foundational technologies for Microsoft's online services including Bing, Office 365, Xbox, OneDrive, and the Microsoft Azure platform. You will implement and operate modern cloud and on premises cybersecurity controls to defend Microsoft datacenter critical infrastructure from threat actors.

Leveraging multiple solutions and partnering with internal and external teams, you will be at the forefront of advancing industrial network cybersecurity capabilities. Through on the job learning and bi-directional mentorship, this opportunity will allow you to gain cyber defense, automation, and networking skills and experiences that are rare in both networking and security organizations, and in high demand across multiple industries.

This is a flexible work opportunity for you to work from home partially or fully if desired. As a group, CO+I is focused on personal and professional development for all employees and offers trainings and growth opportunities including Career Rotation Programs, Diversity & Inclusion trainings and events, and professional certifications.

Our infrastructure is comprised of a large global portfolio of more than 100 datacenters and 1 million servers. Our foundation is built upon and managed by a team of subject matter experts working to support services for more than 1 billion customers and 20 million businesses in over 90 countries worldwide.

With environmental sustainability and optimization at the forefront of our datacenter design and operations, we continue to grow and evolve as we meet the ever-changing business demands that hold Microsoft as a world-class cloud provider. Microsoft’s mission is to empower every person and every organization on the planet to achieve more.

As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Do you want to empower billions across the world? Come and join us in CO+I and be at the forefront of the action! Responsibilities Responsibilities: · Proactively identify and investigate patterns in security controls and telemetry, recommending mitigation strategies and driving improvements through automation. · Install, upgrade, maintain, and optimize security platforms, cloud services, and supporting infrastructure. · Design, implement, and operate secure Azure cloud environments using native and third-party security controls. · Deliver and support Cyber Security and Compliance solutions across hybrid and cloud-only environments. · Configure, monitor, and operate one or more of the following platforms: Microsoft Sentinel (SIEM) Azure DevOps pipelines and integrations Azure networking stack (Firewalls, vWAN, vNet, NSGs, Gateways, NVAs, VMs) Microsoft Defender for Endpoint Microsoft Defender for Cloud Infrastructure as Code (Bicep, Terraform, ARM templates, Azure Policy) · Build and enhance security detections and analytics using: SIEM (Sentinel) Defender signals IOC / TTP-based methodologies (MITRE ATT&CK) · Conduct incident investigations and response activities, including triage, containment, remediation, and RCA. · Develop and maintain SOAR automation workflows (Logic Apps / playbooks) to improve detection and response efficiency. · Collaborate with cross-functional teams (security, networking, cloud engineering, service teams, and external partners). · Identify gaps in security posture, policies, and operational processes; propose and implement improvements. · Drive operational excellence through: Metrics analysis (alerts, incidents, SLA adherence) Continuous improvement of detection fidelity Reduction of alert noise and false positives · Participate in on-call rotation (DRI model) supporting security operations.

Qualifications Required Qualifications: 3+ years of experience in one or more of the following: Cloud Security Engineering (Azure preferred) Security Operations / SOC environments SIEM (Microsoft Sentinel preferred) Threat detection and incident response Security monitoring, anomaly detection, and threat analytics Experience working with Azure infrastructure and networking concepts.

Experience with at least one of: Infrastructure as Code (Terraform, Bicep, ARM) Scripting/automation (Python, PowerShell,KQL) OR Bachelor’s Degree in Computer Science, Cybersecurity, Engineering, or related field. Background Check Requirements: Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.

These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter