Threat Analyst Internship

Job Description

• The Security, Compliance and Identitiy Management (SCIM) team is committed to defending Microsoft customers from cyber-attacks as well as providing sophisticated tooling for securing important data.
• SCIM fosters an agile development environment, continuously gathering and analyzing data to combat evolving threats.
• Our mission is to help protect customers with truly innovative proactive protection, advise customers on emerging trends, and engage in valuable partnerships.
• As the Research organization within SCIM, it’s our job to stay one step ahead of malicious adversaries and predict the threats of the future.
• We work with partners across Microsoft to innovate new approaches for detecting and tracking threats, attacker techniques, their tools and infrastructure.

Responsibilities

• We build innovative security and data compliance products.
• Our security products are brought together in the Microsoft 365 Defender (M365D) suite.
• M365D enables Microsoft’s enterprise customers to detect, investigate, understand, and respond to advanced threats on their networks via a combination of behavioral sensors, cloud security analytics, and threat intelligence.
• The Microsoft Threat Experts Team is looking for threat hunters! No matter how sophisticated attacker behaviors become, Microsoft 365 Defender (M365D) will help enterprises detect, investigate, and respond to advanced attacks and data breaches on their networks.
• Our team uses deep knowledge of the attacker landscape and rich telemetry from our sensors to perform root-cause analysis and generate custom alerts, ensuring that M365D customers are well equipped to quickly respond to human adversaries identified in their unique environments.
• Ensuring that no human adversary can operate silently begins with experts harnessing the powerful optics provided by M365D, across the attacker kill-chain, coupled with world-class detections. 
• We’re looking for a skilled hunter to harness the power of Microsoft’s trillions of security signals to quickly identify and report the latest human adversary behaviors, drive critical context-rich alerts, build new tools and automations in support of hunting objectives, and drive innovations for detecting advanced attacker tradecraft.
• Explore and correlate large data sets to uncover novel attack techniques, monitor and catalog changes in activity group tradecraft, to research and provide new detection mechanisms.
• Acquire new and leverage existing knowledge of attacker tools, tactics and procedures to improve security posture of customers.
• Self-driven and team cooperated research on novel attack techniques to simulate them in lab on endpoints and cloud infrastructure to identify required detection mechanisms.
• Identify need of required tools for research and analysis and effectively engage and collaborate with partners in engineering and data science to develop and maintain them.
• Effectively engage and collaborate with partners in data science, threat research to develop and maintain high-fidelity detection rules.
• Build hunting tools and automations for use in the discovery of human adversaries.
• You would be expected to support a 24/7 operation model that may sometimes involve working in night shifts.

Qualifications

• University Graduates