Fraud Operations Investigation Analyst

Microsoft Microsoft · Big Tech · Redmond, WA +1 · Security Operations Engineering

This role investigates complex fraud and abuse cases across Microsoft's cloud and service ecosystem, protecting customer trust and reducing financial harm. The analyst will conduct deep-dive investigations, document findings, execute remediation actions, monitor fraud signals, perform vetting, and contribute to process improvements.

What you'd actually do

  1. Conduct deep-dive investigations on accounts, tenants, and partners to determine fraud-from-birth, abuse, or legitimate compromise.
  2. Correlate signals across systems and time, leveraging multiple evidence sources to reconstruct incident timelines and root causes.
  3. Document findings, evidence, and investigative actions in a clear, audit-ready manner.
  4. Execute blocks, suspensions, recoveries, and clean-up actions.
  5. Perform security reviews and onboarding vetting for partners and identities.

Skills

Required

  • Doctorate in Statistics, Mathematics, Computer Science, or related field
  • Analytical and problem-solving skills
  • Deep understanding of fraud, abuse, and threat actor tactics, techniques, and procedures (TTPs)
  • High attention to detail, documentation rigor, and audit-defensible decision making
  • Effective communicator
  • Collaborative mindset
  • Adaptable and resilient in a fast-paced, ambiguous environment

Nice to have

  • CompTIA Security+, BlueTeam Level 1, SANS GSEC, GCIH, or similar certifications
  • Experience in Digital Forensics and Incident Response (DFIR)
  • Prior experience in fraud investigations, threat analysis, or security operations

What the JD emphasized

  • fraud
  • abuse
  • threat actor tactics, techniques, and procedures (TTPs)
  • audit-defensible decision making
  • security operations