About the Role

Incident Response Engineer at Microsoft's Cybersecurity Incident Response Team (CIRT) responsible for investigating security incidents for enterprise customers. The role involves analyzing, triaging, scoping, containing, and remediating incidents, with a focus on technical troubleshooting and customer engagement. This is a flexible position allowing up to 100% remote work.

Key Responsibilities

• Scope customer security incidents
• Investigate root cause of complex security incidents
• Analyze incident data from threat analytics tools
• Coordinate response with Microsoft security and consulting teams
• Develop and implement runbooks for Incident Response

Required Skills & Qualifications

Must Have:

• Bachelor's degree in Computer Science, IT, or related field with technical support experience
• Practical experience managing Network, Windows Server, Windows Client, and Active Directory
• Working knowledge of Entra ID and Microsoft 365 management
• Experience in Cybersecurity and Security Incident Response

Nice to Have:

• Experience with Microsoft Defender solutions
• Kusto Query Language knowledge
• Automation skills in PowerShell and/or Python
• Preferred IT certifications (e.g., CISSP, SANS GCIH)

Benefits & Perks

• Industry leading healthcare