Our DFIR team is responsible for responding to our clients' cyber incidents and crises.Our group is expanding. If you see yourself in the front line of the cybersecurity domain as a data forensic and incident response (DFIR) talent, your place is with us. As a DFIR team member, you will participate in hands-on security research and investigations, helping our customers understand and mitigate cyber threats and attacks.
Responsibilities:
Perform incident response lifecycle and real-time activities, including detection and analysis, containment and eradication, and recovery
Perform incident response in a cloud environment (Azure, AWS, etc.).
Perform digital forensics investigations
Research and analyze tactics, techniques, and procedures (TTPs) used by malicious actors
Perform hunt-evil and find-evil activities for proactively detecting attacks
Work closely with our in-house red team, CTI, and cyber architect teams
Work closely with worldwide companies, CISOs, and technology experts

Responsibilities:
Perform financial motivated attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning permissions, identities, applications, and data.
Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
Threat hunting to discover real world advanced attacks together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft Defender security products.
Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
Provide subject matter expertise to customers based on industry attack trends and product capabilities.

As a Security Researcher, you will be:

Work with top-notch researchers using the latest technologies
Research low-level mechanisms, finding and exploiting vulnerabilities and circumventing modern mitigation techniques