Consultant - Cybersecurity Forensics Analyst
Microsoft
Auckland, Auckland, New Zealand
5d ago

Do you want to join the Detection and Response Team (DART) as a Digital Forensic Analyst?

Do you have a passion for helping Microsoft’s clients defend themselves against targeted attacks? Are you interested in being intimately involved in the latest, cutting-edge developments in the security industry, communicating with security industry leaders, and having a direct impact on the security of all Microsoft customers?

Do you want to be on the front lines of helping our customers assess their security posture?

If so, you might be a candidate for the Microsoft Cybersecurity Detection and Response Team (DART) as a Forensic Analyst.

We are looking for a Forensic Analyst with a strong, experienced security background to join our team delivering Incident Response investigations and point-in-time cybersecurity assessments that provide our worldwide enterprise customers with both a deeper understanding of their security posture and an understanding of potential malicious activities within their environments.

Responsibilities

This role will work as part of a collaborative team assisting our top customers with:

  • Discovering attacker persistence (if present)
  • Determining attacker activity on known compromised systems
  • Identifying potential threats allowing for proactive defense before an actual incident
  • Providing recommendations to improve cybersecurity posture going forward
  • Performing knowledge transfer to prepare customers to defend against today’s threat landscape

Qualifications

A BS in Computer Science or Engineering or comparable experience in a related discipline with 5+ years of related work experience along with the following:

  • Proven knowledge of security fundamentals across Microsoft platforms (Client, Server, Cloud)
  • Understanding of malware and the modern threat landscape
  • Detail-oriented, reliable problem-solver mentality
  • Excellent oral and written communication skills including concisely communicating status and creating customer reports and presentations
  • Familiarity and understanding of basic SQL or KQL queries

Experience with some of the following is a distinct advantage:

  • Consulting background
  • Active Directory subject matter expertise
  • Experience with APT actor group evidence including familiarity with Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and attack Tools, Techniques and Procedures (TTPs)
  • Use of forensic analysis tools such as X-Ways Forensics®, WinHex®, Encase®, FTK®, etc.
  • Microsoft Azure and / or Office 365 platform knowledge and experience
  • Experience with various forensic log artefacts found in SIEM logs, web server logs, AV logs, protection logs such as HIDS and NIDS logs
  • Familiarity with Log Analytics and Windows Defender ATP Advanced Analysis queries
  • Excellent understanding of Windows internals and where trace evidence can be found
  • Understanding of technology and security principles, and knowledge of the cyber threat landscape
  • Proven experience in helping enterprises manage vulnerabilities, measure security, and ensure compliance
  • A desire to learn and grow, as well as a desire to help others do so
  • Knowledge of third-party cybersecurity solutions
  • CISSP certification or similar

If you are looking for a role that will allow you to use your knowledge and passion to strengthen the security posture of customers, you will have a bright future within Microsoft’s Cybersecurity Detection and Response Team (DART).

DART

Travel is an integral part of this position, as are high levels of recognition and visibility. Short-notice travel, with priority in the following order: EMEA, Asia Pacific and the Americas, will likely be 50% or higher, as demanded by the needs of our customers and our business.

Position location is flexible.
