Government Cloud Investigations Analyst - Ctj - Ts

Microsoft · Big Tech · Redmond, WA +1 · Security Operations Engineering

Investigate fraud, abuse, and security incidents within U.S. Government cloud environments, adhering to federal compliance frameworks and protecting government customers. This role involves deep-dive investigations, incident response, threat hunting, and cross-functional collaboration in a regulated, high-trust environment.

What you'd actually do

  1. Conduct deep-dive investigations into: Correlate signals across identity, billing, telemetry, and cross-tenant activity to reconstruct attack timelines and determine root cause
  2. Own or support Sev-1 / Sev-2 incidents within Government cloud environments
  3. Manage investigations end-to-end:
  4. Identify emerging fraud patterns and adversary modus operandi (MO)
  5. Develop and refine Standard Operating Procedures (SOPs)

Skills

Required

  • 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field
  • Active U.S. Government Top Secret Security Clearance

Nice to have

  • Master's Degree in Statistics, Mathematics, Computer Science, or related field
  • Doctorate in Statistics, Mathematics, Computer Science, or related field
  • equivalent experience

What the JD emphasized

  • high-impact investigations
  • U.S. Government cloud environments
  • high-trust, regulated environment
  • strict adherence to federal compliance frameworks
  • audit-defensible, evidence-based investigative outcomes
  • sophisticated threats
  • fraud vs. compromise vs. legitimate activity
  • Sev-1 / Sev-2 incidents
  • high-visibility incidents
  • audit-ready documentation
  • emerging fraud patterns
  • fraud investigations
  • active U.S. Government Top Secret Security Clearance