Incident Response Engineer

Canada, Multiple Locations 96000.00 - 177600.00 CAD / Year · Job Posted February 03, 2026

Job Description

Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft’s AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment. In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Senior Technical Support Engineer, you will own, troubleshoot, and solve complex customer technical issues. This opportunity will allow you to accelerate your career growth, hone your problem-solving, collaboration and research skills, and deepen your technical proficiency.

Job Responsibility

  • Implements strategic business decisions with customers, partners, and teams to increase market share
  • Contributes to and/or develops automation techniques and diagnostic tools to improve cross-group effectiveness
  • Provides feedback to more senior engineers or serviceability team on functionality of products based on engagements with customers
  • Participates in case triage meetings and/or case discussions to share knowledge with other engineers
  • Engages with engineering team to investigate product bugs, provides business impact, and collaborates with appropriate stakeholders and senior team members on fixes
  • Implements end-to-end readiness programs (e.g., mentoring, leading triages, content creation, brown bag sessions, blogs, quality assurance checks, writes technical articles) and contributes to the content and readiness strategy
  • Acts as an advisor to the customer and handles complex, repeatable, or escalated cases that may become politically charged
  • Performs complex product troubleshooting and remediation when needed
  • Reviews complex issues (e.g., multiple components of a product) and contacts customers to understand issue
  • Collaborates on cross-team and cross-product technical issues by working with resources from other groups including support engineering groups, product groups, services team, and account team as needed to resolve complex customer issues

Requirements

  • Bachelor's Degree in Computer Science, Information Technology (IT), or related field AND 3+ years of technical support, technical consulting experience, or information technology experience
  • OR 5+ years of technical support, technical consulting experience, or information technology experience OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter

Nice to have

  • Cloud experience with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments
  • Automation (PowerShell and/or Python, Java, or a similar language, can be a beginner to intermediate level)
  • Experience in Azure Identity management and troubleshooting
  • Preferred Bachelor’s degree or higher in a technical field, or relevant work experience
  • Preferred IT Industry certifications (Microsoft Certifications On-Prem or Cloud, SANS GCIH, CISSP, CEH, Amazon AWS, etc.)

Similar Jobs for Incident Response Engineer

8 matching positions

Incident Response Engineer

Within CE&S, the Customer Service & Support (CSS) organization builds trust and ...
Location: Canada, Vancouver
Salary: 96000.00 - 177600.00 CAD / Year
Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Bachelor's Degree in Computer Science, Information Technology (IT), or related field AND 3+ years of technical support, technical consulting experience, or information technology experience
  • OR 5+ years of technical support, technical consulting experience, or information technology experience OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter
Job Responsibility
  • Implements strategic business decisions with customers, partners, and teams to increase market share
  • Influences peers to implement strategy
  • Contributes to and/or develops automation techniques and diagnostic tools to improve cross-group effectiveness
  • Provides feedback to more senior engineers or serviceability team on functionality of products based on engagements with customers
  • Provides feedback to the product group for product improvement
  • Leverages overall product knowledge to determine if and when features require enhancements
  • Participates in case triage meetings and/or case discussions to share knowledge with other engineers and contribute to more rapid customer solutions
  • Utilizes learnings from triage meetings to identify and communicate readiness needs to manager or readiness team
  • Engages with engineering team to investigate product bugs, provides business impact, and collaborates with appropriate stakeholders and senior team members on fixes
  • Translates feedback and creates processes and workflows for case resolution
  • Fulltime

Incident Response Engineer

Within CE&S, the Customer Service & Support (CSS) organization builds trust and ...
Location: Canada, Multiple Locations
Salary: 96000.00 - 177600.00 CAD / Year
Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Bachelor's Degree in Computer Science, Information Technology (IT), or related field AND 3+ years of technical support, technical consulting experience, or information technology experience
  • OR 5+ years of technical support, technical consulting experience, or information technology experience OR equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role.
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter.
Job Responsibility
  • Implements strategic business decisions with customers, partners, and teams to increase market share. Influences peers to implement strategy.
  • Contributes to and/or develops automation techniques and diagnostic tools to improve cross-group effectiveness.
  • Provides feedback to more senior engineers or serviceability team on functionality of products based on engagements with customers. Provides feedback to the product group for product improvement. Leverages overall product knowledge to determine if and when features require enhancements.
  • Participates in case triage meetings and/or case discussions to share knowledge with other engineers and contribute to more rapid customer solutions. Utilizes learnings from triage meetings to identify and communicate readiness needs to manager or readiness team.
  • Engages with engineering team to investigate product bugs, provides business impact, and collaborates with appropriate stakeholders and senior team members on fixes.
  • Translates feedback and creates processes and workflows for case resolution.
  • Implements end-to-end readiness programs (e.g., mentoring, leading triages, content creation, brown bag sessions, blogs, quality assurance checks, writes technical articles) and contributes to the content and readiness strategy. Mentors Technical Support Engineers or members from other teams outside of Customer Service and Support (CSS). Develops expert level competence on support topics.
  • Acts as an advisor to the customer and handles complex, repeatable, or escalated cases that may become politically charged. Creates technical articles or knowledge base (e.g., edits or creates news/knowledge-base articles) that is internal or customer facing for better customer understanding. Provides best practices and education to ensure customer understands the problem in order to proactively resolve potential issues in the future.
  • Performs complex product troubleshooting and remediation when needed. Works alongside the development teams to drive incident resolution for configuration, code, or other service deficiencies impacting customers. Analyzes patterns of problems and identifies workflows to optimize support engineering delivery for a team or region level.
  • Reviews complex issues (e.g., multiple components of a product) and contacts customers to understand issue. Ensures customers stay informed as to the status/solution of their issue. Utilizes troubleshooting tools (e.g., event logs, performance traces) to help resolve customer issues.
  • Fulltime

Senior Security Incident Response Engineer

We are a global team of innovators and pioneers dedicated to shaping the future ...
Location: India, Hyderabad
Salary: Not provided
New Relic
Expiration Date: Until further notice
Requirements
  • Willingness to work in rotational shifts including Morning, Evening and Night shifts
  • Willingness to work in weekend shifts and support on call
  • At least five years of recent experience working in a threat hunting, threat intelligence, incident response, or security engineering role
  • Experience configuring security incident and event management tools, including creating event filtering, correlation rules, and reports
  • Strong understanding of the MITRE ATT&CK Framework
  • Experience performing risk assessment, threat tracking, or vulnerability management and success in evaluating and communicating severity, impact, and likelihood of a risk to a wide audience
  • Familiarity with digital forensic tools and techniques for hands-on response during incidents
Job Responsibility
  • Support and maintain response strategy and tooling to severe incidents and key attack scenarios
  • Support the SoC alert life cycle: triage security risk, investigate alerts, develop runbooks, policies and procedures to help the company respond, and run retrospectives to coordinate effort across the company to prevent future incidents
  • Maintain healthy working relationships with our managed security service providers and respond to incident escalations
  • Maintain coordination and communication streams horizontally and vertically as part of major cyber related incident handling
  • Know the latest APT tactics and techniques and use engineering practices to detect and respond
  • Provide technical expertise to engineering teams on standard methodologies, tools and frameworks
  • Work with product managers, senior management, and end users to drive security maturity across the business

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location: United States, Multiple Locations
Salary: 139900.00 - 274800.00 USD / Year
Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime

Senior Security Engineer - Incident Response

Mozilla is looking for an Incident Responder to monitor and mitigate attacks acr...
Location: Germany
Salary: Not provided
Mozilla
Expiration Date: Until further notice
Requirements
  • 5+ years of demonstrated ability managing security incidents at a global scale and/or experience working in Security Operations Centers (SOC), Product Security Incident Response Teams (PSIRT), and Computer Security Incident Response Teams (CSIRT)
  • Expertise with security information and event management (SIEM) systems (e.g., ELK, Google BigQuery, Splunk, etc.). Splunk proficiency is preferred
  • Expertise with endpoint detection and investigation. Hands-on experience with leading EDR tools and demonstrated ability to leverage endpoint telemetry to find root cause
  • Expertise with security orchestration and automation (SOAR) platforms such as Tines or Splunk SOAR
  • Superb communication and leadership capacity; ability to partner effectively with diverse company stakeholders
  • Real-world experience in software development and/or engineering operations for consumer products and services
  • B.S. in a technology-focused field is helpful
  • Practical experience working with cloud technologies (e.g., Google Cloud Platform, Amazon Web Services, Heroku, Microsoft Azure, etc.)
  • Ownership and Accountability
Job Responsibility
  • Identify and respond to security incidents on a global scale
  • Act as an incident commander to drive incidents through the entire response lifecycle
  • Design and maintain a portfolio of security alerts, automated actions, playbooks and escalation workflows in support of a high-performing 24/7 incident response capability
  • Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors
  • Research threat intelligence reports, triage and manage resulting workflows
  • Partner with key stakeholders and communicate effectively to maintain a continuously improving feedback loop of preparation, identification, analysis, containment, and post mortem activities
  • Participate in on-call rotation
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime

Senior Security Engineer - Security Incident Response

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location: United States, Redmond
Salary: 119800.00 - 234700.00 USD / Year
Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • equivalent experience
  • Active U.S. Government Secret Security Clearance
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • U.S. citizenship verification
Job Responsibility
  • Coordinate with investigators to prioritize investigation objectives, understands attack paths, and systematically executes mitigation and protection actions to evict threat actors for any security incident impacting any of Microsoft’s products or services
  • Conduct hands-on mitigation where possible; engages service owners when there is a risk of a production outage
  • Maintain hands-on knowledge of mitigation and protection steps for various asset types (e.g. M365, Azure, AI) and publishes self-service guidance for impacted engineering teams
  • Brief executive stakeholders on eviction plans and associated status
  • Maintain and evolves an inventory of threat actor Tactics, Techniques, and Procedures (TTPs) and the corresponding eviction capabilities
  • Define and prioritize requirements and use cases for Microsoft’s threat actor eviction platform; operationalize as they are delivered
  • Drive strategic change to accelerate eviction scenarios (e.g. lean business cases to garner support for broader Microsoft product initiatives or features)
  • Participate in an on-call rotation
  • Fulltime

Senior Security Engineer - Security Incident Response

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location: United States, Multiple Locations
Salary: 119800.00 - 234700.00 USD / Year
Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • equivalent experience
  • Active U.S. Government Secret Security Clearance
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
  • Coordinates with investigators to prioritize investigation objectives, understands attack paths, and systematically executes mitigation and protection actions to evict threat actors for any security incident impacting any of Microsoft’s products or services
  • Conducts hands-on mitigation where possible; engages service owners when there is a risk of a production outage
  • Maintains hands-on knowledge of mitigation and protection steps for various asset types (e.g. M365, Azure, AI) and publishes self-service guidance for impacted engineering teams
  • Briefs executive stakeholders on eviction plans and associated status
  • Maintains and evolves an inventory of threat actor Tactics, Techniques, and Procedures (TTPs) and the corresponding eviction capabilities
  • Define and prioritize requirements and use cases for Microsoft’s threat actor eviction platform; operationalize as they are delivered
  • Drives strategic change to accelerate eviction scenarios (e.g. lean business cases to garner support for broader Microsoft product initiatives or features)
  • Participates in an on-call rotation
  • Fulltime

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location: United States
Salary: 169150.00 - 225000.00 USD / Year
ClickHouse
Expiration Date: Until further notice
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience; preference for Golang and Python
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
  • Fulltime