Python Security Engineer

Last update 2024-06-19
Expires 2024-07-19
ID #2186979389
Python Security Engineer
Ireland, Dublin, Dublin,
Modified June 9, 2024


This inclusive employer is a member of my Gwork – the largest global platform for the LGBTQ+ business community.

Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Microsoft Threat Intelligence Center (MSTIC) tracks nation state and criminal actors to protect Microsoft and Microsoft's customers. The actors we track are often highly technical, and maintain good operational security. Tracking actors like this requires persistence and ingenuity and is done by combining intelligence analysts, reverse engineers, developers and data scientists. Some of the successful investigations that MSTIC has performed include discovering and disrupting supply chain attacks from North Korean actors, identifying attacks from Iranian actors against universities and research organisations, and monitoring new techniques deployed by Russian actors. MSTIC also co-operate with the Digital Crimes Unit (DCU) to prevent cybercrime, particularly ransomware. Our team in Dublin is expanding and we're looking for individuals interested or experienced in threat intelligence, with good development experience, to help us scale up our nation state and cybercriminal actor tracking. Your role would be to track actors, perform investigations and automate that hunting work through python development. (If you are familiar with using the Storm language and Azure Data Explorer, all the better!). Qualifications Experience in software development lifecycle, cybersecurity, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field Experience performing actor tracking/investigation/threat intelligence/SOC work A good understanding of how the internet works, that is, relevant network protocols (HTTP, TLS, TCP/IP, UDP, DNS, etc), OAuth. Experience programming in Python. Ideally experience with Jupyter notebooks. Familiarity with using git for source control Threat hunting in telemetry/data sources - SQL, or KQL (Azure Data Explorer) Threat intelligence investigation - Familiar with endpoint data, malware blackboxing analysis, working with reverse engineers. Good communication skills Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.#MSFTSecurity #MSec RMicrosoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work. Responsibilities Writing and peer reviewing Python jupyter notebooks/code to search through Microsoft telemetry and discover actor activity from known indicators and TTPs Write Azure Data Explorer (KQL) queries to search in telemetry. Write Storm queries (for the Vertex Synapse tool) to search telemetry. Perform daily actor tracking, either for nation state actors, or e-crime, identifying any opportunities for automation. Threat intelligence content production - Writing up findings in a clear, unambiguous manner such that your peers can easily understand your investigation, and why and how you came to any conclusions. Work with engineers/developers/data scientists to develop more complex systems that solve analyst’s needs.#LI-DNI

Job details:

Job type: Full time
Contract type: Permanent
Salary type: Monthly
Occupation: Python security engineer

⇐ Previous job

Next job ⇒     


Contact employer

    Employer's info


    Quick search:


    Type city or region