Overview The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world. Microsoft’s STInG (Supplier Threat Intelligence Group) is a multidisciplinary team dedicated to protecting Microsoft’s, its customers, and critical services by delivering authoritative supply‑chain ownership, fused with predictive adversarial threat analysis, enabling leaders to act quickly, confidently, and decisively at enterprise scale during active incidents and emerging threat campaigns.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities As a Senior Threat Intelligence Analyst, you will use your knowledge of adversary intentions and capabilities to identify critical supplier services likely to be targeted by threat actors and secure these portions of Microsoft’s supply chain. You will also use your knowledge of the various threat actor sets to ensure Microsoft’s supply chain is protected from intentionally compromised products and services. You will define, develop, and implement techniques to discover and track current and future threat actor targeting of suppliers. Discover threat actor trends and map these findings to Microsoft’s vast supplier network to mitigate risk to Microsoft’s supply chain. Discover adversarial front companies with links to adversaries and evaluate compromises to Microsoft’s supply chain. Collaborate across Microsoft teams and partner groups and integrate intelligence into products.

You will produce actionable intelligence and develop process to share this actionable intelligence with various parts of Microsoft. In this role, you will be responsible for collaborating with these, and other, stakeholders from Microsoft to protect both Microsoft assets and Microsoft’s customer base through improved product and services offerings. You will strengthen existing partnerships and build new ones with key organizations to deliver benefits to Microsoft and its customers. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Qualifications:

Required/minimum qualifications:- Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detectionOR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection

• OR equivalent experience.
• Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience.

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

• Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
• This role will require access to information that is controlled for export under export control regulations, potentially under the U.S. International Traffic in Arms Regulations or Export Administration Regulations, the EU Dual Use Regulation, and/or other export control regulations. As a condition of employment, the successful candidate will be required to provide either proof of their country of citizenship or proof of their U.S. permanent residency or other protected status (e.g., under 8 U.S.C. 1324b(a)(3)) for assessment of eligibility to access the export controlled information. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport. Lawful permanent residents, refugees, and asylees may verify status using other documents, where applicable.

Preferred Qualifications: - 5+ years technical knowledge of adversary capabilities and techniques that can be applied to define, develop, and implement techniques both to discover the adversaries of today and identify the attacks of tomorrow.

• 5+ years experience tracking APT adversaries leveraging to identify and characterize various TTPs, capabilities, and operational campaigns. In depth experience producing actionable threat intelligence on targeted and advanced persistent adversaries and domain/supply chain assessments. Applied knowledge across all critical elements and common data types used in threat intelligence analysis, including malware used in targeted adversary campaigns; host and log forensics, including methods of data collection and analytic techniques; and network forensics, including common protocols and how those are used in adversary operations. Applied knowledge of a variety of adversary command and control methods and protocols.
• 5+ years experience supporting incident response and being deeply familiar with common incident response procedures, processes, and tools.
• 5+ years experience working across crosfunctional teams including threat hunters, incident responders, and customer delivery representatives.
• 4+ years experience Proven track record of working across cross-functional teams including threat hunters, incident responders, and customer delivery representatives Cloud Hunting experience.
• 4+ years experience in China, Russia, or Iran threat actors.

Security Research IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.