Security Engineer II

Microsoft · Big Tech · Redmond, WA +1 · Security Operations Engineering

Security Engineer II role focused on proactive threat detection, investigation, and response within Microsoft's Cloud & AI organization. Responsibilities include analyzing alerts, conducting deep-dive investigations, correlating signals, driving incident response actions, improving detection logic, and enhancing investigation workflows. Requires strong analytical thinking and collaboration with cross-functional teams to improve security posture.

What you'd actually do

  1. Proactively identify and respond to sophisticated threats by analyzing diverse security signals, driving rapid containment, and reducing risk to critical systems and data.
  2. Perform deep-dive investigations into complex security events, determine scope and root cause, and drive incidents to resolution with clear documentation and action.
  3. Partner with threat intelligence, detection engineering, product teams, and researchers to translate insights into actionable improvements in detection, response, and remediation.
  4. Identify gaps in existing detections and workflows, and contribute to building, tuning, and scaling automation and detection logic to improve coverage and efficiency.
  5. Leverage data, analytics, and security telemetry to prioritize work, improve investigation quality, and enhance consistency across a globally distributed operations model.

Skills

Required

  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event

Nice to have

  • Curiosity
  • Analytical thinking
  • Ability to operate effectively in a fast-paced, high-impact environment
  • Mentorship
  • Knowledge sharing
  • Exploring new technologies