Overview:

Microsoft’s Digital Threat Analysis Center (DTAC) is looking for a digital threat analyst fluent in Persian with an expertise in Middle Eastern political affairs to enhance DTAC’s mission to detect, assess, and disrupt digital threats to Microsoft, its customers, and democracies worldwide. The analyst will leverage their language skills and geopolitical knowledge to develop assessments about how cyber and influence operations fit into Iran’s national security policy. DTAC is part of Microsoft’s Corporate, External, and Legal Affairs in the Customer Security & Tru­­st group. As such DTAC has regular external engagement with Microsoft partners, demanding an ability to effectively build presentations and brief partners, often under tight deadlines.

Role:

In this role, the analyst will leverage Persian and regional, cultural, and geopolitical knowledge to inform attribution analysis and develop assessments about how influence and cyber operations fit into Iran’s national security policy. This will require skimming Iranian press and social media in Persian quickly and efficiently to capture the most relevant findings. The analyst will write and brief on a broader set of analytic findings, integrating open-source information with data from Microsoft’s telemetry, for internal and external executives and occasionally writing for public audiences to mitigate threats from nation state actors.

The role is based in our NYC office. Some domestic and international travel may be expected, estimated to be less than 10%. More is possible overtime, if interested. Most common travel locations include offices in the Washington, DC area and Microsoft’s Corporate Headquarters, in Redmond, WA.

Citizenship Verification: This position requires verification of US Citizenship to meet federal government security requirements.

Responsibilities

Key Responsibilities:

• Research, assess, and report on Iranian cyber and malign influence threats at the tactical and strategic level by drawing on information from Iran-linked social media accounts, foreign policy priorities and perspectives from open-source reporting, and activity of Iranian cyber threats from Microsoft telemetry.

• Work closely with the Microsoft Threat Intelligence Center (MSTIC) in its investigations of cyber operations of Iranian threats and draw from their technical cybersecurity findings to inform your analysis.
• Expand partnerships internally and externally to build resilience in the information environment, increase speed of threat detection, and empower effective counter action.
• Develop innovative, non-intrusive, law-abiding methods for detecting, diagnosing, and deterring the most advanced and prolific threats in the information environment.

Qualifications

Required Qualifications:

• Spoken and written fluency in Persian.
• Experience leveraging language skills for open-source research.
• Experience in social media research and analysis, including on platforms frequently used by Iranian actors (e.g. Telegram, Aparat).
• Strong English-language writing skills.
• Proficient in Microsoft Excel for data analysis and Microsoft Power Point for presentations for executive audiences.
• Professional analytic experience working on cyber and/or disinformation threats in the Middle East.
• Ability to quickly and efficiently sift through data to identify trends, shifts, or key issues to incorporate into synthesized analysis for senior customers or decisionmakers.

Preferred Experience:

• Additional language skills are a plus, particularly for languages in the Middle East (e.g., Persian dialects, Arabic, Kurdish, Turkish, Azeri, Armenian).
• Years of experience tracking Iranian cyber capabilities, infrastructure, and operational techniques and Iranian/Middle Eastern geopolitical issues.
• 2+ years producing actionable threat intelligence or strategic analysis through written reports and products.
• Quantitative analytic experience is a plus.
• Experience in common database query languages (e.g. SQL) and Python is a plus.
• Excellent cross-group collaborator with experience building relationships.
• Experience collaborating with front-line actor analysts, technical collectors, and threat intelligence partners in government and industry is a plus.
• Active security clearance or the ability to acquire an active security clearance is a plus.

#CELA

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.