
Security Support Engineer - Incident Response (Bilingual in Spanish/English)


Location: Atlanta, Georgia, Charlotte, North Carolina, Fargo, North Dakota, Irving, Texas, Issaquah, Washington

Job Type: Full time



Microsoft is on a mission to empower every person and every organization on the planet to achieve more. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. You can help us to achieve our mission.

With over 12,000 employees worldwide, the Microsoft Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of the Microsoft end-to-end customer experience. This newly expanded organization reflects the Microsoft ambition to be known as a customer experience company, ensuring our Microsoft mission to empower every person and every organization on the planet to achieve more is enabled by delighting customers and consistently exceeding their expectations in every interaction through a connected customer experience.

Microsoft has a tremendous opportunity to exceed customer expectations and drive greater customer loyalty and trust, which leads to greater satisfaction, retention, and growth. The CE&S organization is looking for people with a passion for delivering customer success to help us build a future where customers come to us not only because we provide industry-leading products and services, but also because we provide a differentiated and connected customer experience that is rooted in our commitment to delivering on customer outcomes.

Support Engineers (SE) serve as frontline technical resources for Microsoft customers and partners via phone, email or web. They deliver unique value by collaboratively and reactively solving customer problems, providing proactive support advice, contributing to product quality and enhancements and creating self-help assets to broadly reach more customers. You will be part of a team responsible for providing an outstanding technical support experience to our business customers. From problem identification to full resolution, you will own and manage the customer experience over the phone and Web. When needed, you will collaborate with others to engage subject matter experts, Engineering (Product Groups) or Management. Your day-to-day job will be about both providing technical expertise (either on your own or by involving your colleagues) and being an excellent communicator and a service-oriented professional. You will be given the opportunity to become a subject matter expert in one or more areas and receive guidance and mentorship from your colleagues.


As a security support engineer, you will be an elite member of a customer-facing security support team leading incident response investigations for Microsoft’s enterprise customers. You have experience in analyzing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents. You are familiar with collecting and analyzing security-incident-related data to identify indicators of attack and compromise.

In all interactions with our customers, you communicate effectively, have complete accountability and ownership over providing amazing results, show resourcefulness in providing timely and effective solutions, and approach every situation with empathy, care, and a focus on providing an amazing experience. When you don’t know the answer, you “swarm” with other engineers at Microsoft to come up with a solution quickly, and you aren’t afraid to ask questions and learn new things daily. You don’t let anything block you in the pursuit of world-class customer service.

This position requires extensive cross-group coordination, collaboration, and excellent oral and written communication skills. Attention to detail and a highly organized, process-focused aptitude are required to manage the variety of responsibilities and deliverables. You work well under pressure and deadlines, while also exhibiting flexibility and adaptability across a broad organizational matrix.

  • Scope customer security incidents 
  • Understand and identify indicators of attack and indicators of compromise 
  • Analyze incident data from threat analytics tools 
  • Communicate recommendations and guidance based on results of security incident analysis to the customer 
  • Coordinate a response to the security incident with other Microsoft security and consulting teams 
  • Develop, document, and implement runbooks, capabilities, and techniques for IR 
  • Perform security triage and analysis on endpoint, server and network infrastructure 
  • Collaborate with the security intelligence team by providing samples of malware from the customer’s environment 
  • Perform activities necessary for immediate containment and short-term resolution of incidents 
  • Maintain current knowledge and understanding of the threat landscape, emerging security threats, and vulnerabilities 
  • Investigate root cause of complex security incidents 
  • Maintain a high level of confidentiality 
  • Participate in an on-call rotation when required
  • Responsible for the customer support experience with Microsoft
  • Own, troubleshoot and solve customer technical issues, using collaboration, troubleshooting best practices and transparency within and across teams (e.g. swarming)
  • Identify cases that require escalation (either technically or strategically)
  • Create and maintain incident management requests to product group/engineering group
  • Contribute to case deflection initiatives, automation and other digital self-help assets to improve customer/ engineer experience
  • Provide ramp activities, knowledge sharing, technical coaching and mentoring
  • Drive technical collaboration & engagement outside of CSS (Product Engineering teams/Services/Support/Regions)
  • Lead or participate in building communities with peer delivery roles; may be workload or specialty specific
  • Embody our culture and values


Required/Minimum Qualifications

  • 5+ years technical support experience in Network Security Administration, and/or Systems Administration with experience in Windows Server, Windows Client, and Active Directory Administration, technical consulting experience, or information technology experience
    • OR Bachelor's Degree in Computer Science, Information Technology (IT), or related field AND 3+ years technical support experience in Network Security Administration, and/or Systems Administration with experience in Windows Server, Windows Client, and Active Directory Administration, technical consulting experience, or information technology experience
  • 1+ years customer facing support experience

Additional or Preferred Qualifications

  • Microsoft Technology Certifications
  • Bilingual in Spanish/English
  • Security Incident Response experience with recent operational security experience (SOC, Malware Analysis, IDS/IPS Analysis, threat analytics, Windows Server, and endpoint security, etc.)
  • Cloud experience with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments 
  • Automation (PowerShell and/or Python, Java, or a similar language; can be at a beginner to intermediate level)
  • Experience in Linux and/or Mac administration 

Soft Skills:

  • Demonstrated experience learning new technologies
  • Strong collaborative skills and extensive cross-group coordination skills 
  • Proven customer service skills supporting external and/or internal customers in an enterprise environment 
  • Great phone presence and documentation abilities. Excellent executive communication and crisis management skills 
  • Excellent documentation skills and ability to translate complex technical processes into simple-to-follow written guides
  • Previous experience working in a large, complex, highly matrixed global organization preferred 
  • Ability to work in a fast-paced environment with many competing priorities and randomization

Citizenship Verification: This position requires verification of US Citizenship to meet federal government security requirements.

Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.