CrawlJobs Logo

Security Operations Engineer II

United States, Redmond 100600.00 - 199000.00 USD / Year · Job Posted April 01, 2026
Apply Position
Job Link Share

Job Description

Microsoft 365 continues to experience incredible growth as the company focuses on its productivity cloud strategy and enabling secure remote work for its customers. As part of Microsoft Engineering, The FastTrack team has a primary role driving this strategy and is looking for individuals that share in the passion to drive business value and customer success using Microsoft 365 and related technologies. To successfully deliver this, FastTrack is constantly pursuing new ideas and approaches to engage with our customers to get them to work smarter, faster, and more securely every day. The Microsoft 365 FastTrack Security and Privacy team builds and manages the common infrastructure that is used across FastTrack in partnership with the teams that develop on and utilize the infrastructure. This team operates in a global model. This is an exciting opportunity for a Security Operations Engineer to be part of this team.

Job Responsibility

  • Ensure accuracy and comprehensiveness in security policy, and design mitigation strategies for identified gaps
  • Collaborate with internal and external parties to ensure service level agreements are reached when addressing threats
  • Design for the customer experience by sharing best practices, interacting directly with customers, and resolving issues
  • Recommend mitigation strategies based on identified security trends
  • Analyze specific aspects of attempts to compromise systems security
  • Use monitoring techniques to identify intrustions
  • Understand how weaponized code can be used and recommend potential detections and signatures for defense capabilities
  • Design evolving common infrastructure architecture for our organization
  • Support development teams with securing applications and services
  • Stay relevant with emerging Azure features including risk and security principles
  • Partner with engineering, program management and operations personnel within the FastTrack organization implementing secure infrastructure improvements to processes and technologies

Requirements

  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check

Nice to have

  • 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection
  • Master's Degree or Doctorate in Statistics, Mathematics, Computer Science or related field
  • CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, and/or Security+ certification
  • 4+ years of experience in one ore more
  • Azure infrastructure, software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Security Operations Engineer II

8 matching positions

Security Operations Engineer II

We’re building the foundation for how Information Systems and Security Operation...
Location
Location
United States , Austin
Salary
Salary:
80000.00 - 85000.00 USD / Year
astronomer.io Logo
Astronomer
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience with Python (or similar scripting languages) and APIs
  • Strong troubleshooting skills across endpoints, identity/access, and collaboration platforms
  • owning issues through to resolution
  • Hands-on SecOps exposure using tools like EDR/SIEM/SOAR for alert triage, investigation, and incident handling (or closely related experience with the ability to ramp fast)
  • Data and analytics mindset with comfort pulling, cleaning, and analyzing operational data (tickets, alerts, logs) to guide decisions
  • Automation capability using scripting (Python or similar), APIs, and/or orchestration—building safe, auditable workflows that may leverage GenAI/ML for enrichment or decision support
  • Clear communicator who stays calm under pressure, comfortable navigating ambiguity and proposing structured solutions
  • Demonstrated curiosity and learning agility, with interest in growing across IT, security, and data/automation
Job Responsibility
Job Responsibility
  • Own Tier 2 escalations across endpoints, identity & access, collaboration tools, and core services—balancing fast resolution with long-term quality
  • Investigate root causes of recurring issues and design durable fixes that prevent repeat incidents (vs. one-off workarounds)
  • Develop secure configuration standards and baselines spanning endpoints, GenAI, orchestration, and SaaS/cloud infrastructure, and iterate on them to support scale and reliability
  • Shape incident/problem/change practices by proposing safe changes with clear rollback plans and improving how the team learns from incidents
  • Create operational documentation (knowledge base articles, runbooks, reusable patterns) that reduces escalations and uplevels the service desk
  • Triage and investigate security alerts in EDR/SIEM/SOAR, escalate effectively, and coordinate containment to recovery using playbooks with clear timelines
  • Build and improve automations + analytics (GenAI/ML workflows, scripts/APIs, dashboards) to streamline tasks like alert enrichment, ticket routing, lifecycle changes, remediation flows, and ongoing operational reporting
  • Partner on vulnerability and patch management by prioritizing issues, tracking remediation to SLAs, and verifying closure in measurable ways
What we offer
What we offer
  • equity component
  • Fulltime
Read More
Arrow Right

Security Operations Engineer II

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of experience in security operations, IT operations, technical support, or engineering roles supporting production systems
  • Strong understanding of identity and access fundamentals, including authentication and authorization protocols (OAuth 2.0, OIDC, SAML, certificate-based authentication) and common token flows
  • Hands-on experience with Microsoft Entra ID / Azure AD, including MFA, Conditional Access, session controls, Privileged Identity Management (PIM), and identity lifecycle operations
  • Experience supporting directory synchronization and device identity, including Entra Connect or Cloud Sync, Azure AD joined, hybrid joined, and registered devices, and how device posture influences Conditional Access
  • Working knowledge of application identity, including app registrations, delegated and application permissions, consent flows, API scopes, and identifying common configuration issues
  • Ability to analyze identity logs and telemetry, such as sign-in, audit, token, and provisioning logs, using tools like the Azure portal, KQL, Graph Explorer, Azure Monitor, or IcM
  • Demonstrated troubleshooting and automation mindset, with experience scripting or building basic automation to reduce manual work, improve support quality, and collaborate effectively with engineering and security teams
Job Responsibility
Job Responsibility
  • Participate in the on-call rotation as a Designated Responsible Individual (DRI), providing dependable and timely operational support for identity services
  • Deliver day-to-day security operations support across Microsoft Entra ID and Azure Active Directory, including authentication, authorization, and directory services
  • Execute identity lifecycle operations such as access provisioning and deprovisioning, group and role management, and access governance activities
  • Troubleshoot and resolve identity-related incidents, including MFA and Conditional Access failures, SSO and token issues, service principal misconfigurations, device join problems, and directory synchronization errors
  • Monitor service health, identity logs, and alerts to proactively identify issues and maintain service reliability and security compliance
  • Investigate, triage, and mitigate production incidents with clear communication, accurate diagnosis, and timely resolution to minimize customer impact
  • Contribute to root-cause analysis and post-incident reviews, supporting follow-up actions to reduce repeat incidents
  • Develop and maintain scripts and basic automation to streamline identity operations, improve first-contact resolution, and reduce manual and repetitive work
  • Assist in building self-service and preventative solutions such as identity health checks and policy drift detection
  • Identify recurring operational issues and collaborate with engineering partners to implement automation-first improvements that reduce operational noise and incident volume
  • Fulltime
Read More
Arrow Right

Security Engineer II - Windows Security

The Microsoft Windows Security team is looking for a learn-it-all security engin...
Location
Location
United States , Redmond
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in security or related field
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in security or related field
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
  • 2+ years identifying vulnerabilities in operating systems and/or native (C/C++) applications
  • 5+ years of experience in a software engineering or security-related engineering
  • Public track record of relevant security research, especially around vulnerability discovery
  • Experience exploiting bugs and bypassing security mitigations in operating systems
  • Familiarity with Microsoft Windows architecture
Job Responsibility
Job Responsibility
  • Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
  • Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
  • Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
  • Leverage a broad and current understanding of security to devise new protections
  • Interact with the external security community and security researchers
  • Collaborate with product teams to improve security, and articulate the business value of security investments
  • Fulltime
Read More
Arrow Right
New

Network Operations Engineer II

The Network Operations Engineer II is responsible for maintaining and monitoring...
Location
Location
United States , Phoenix
Salary
Salary:
Not provided
SwitchThink Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or other related topic preferred
  • Equivalent combination of education and experience required
  • 6+ years Network Operations, Network Engineering, Data Center Management required
  • 4+ years experience with Management of Palo Alto Firewalls required
  • 4+ years experience working in a regulated environment providing SOX, PCI, SSAE, NCUA, or FDIC governance required
  • 1+ years experience in Server administration, Security administration, Cloud and emerging technologies such as Software Defined Networks required
  • Deep understanding of routing and switching protocols in a highly available data center environment required
  • Deep knowledge of supporting infrastructure related disaster recovery scenarios
  • Expertise managing Software defined networking leveraging VMWare NSX required
  • Expertise constructing security policies using Palo Alto Firewalls required
Job Responsibility
Job Responsibility
  • Maintains network and security solutions maintaining highly available, standardized, and regulated datacenters and distributed networks
  • Implement highly secure network solutions leveraging networking tools including VMware, Cisco IOS, PaloAlto Firewalls, Load Balancers, wireless access points, and SD-WAN solutions
  • Support CUSO Client VPM implementations and support vendor and client connectivity
  • Analyze, isolate, and remediate issues and monitor networks to ensure security, availability, and performance
  • Leverage advanced networking protocols to strategically drive the networking environment to drive scalable solutions
  • Support multi-carrier WAN network connecting 50+ branch locations and a growing number of external clients located across the country
  • Implements and supports CUSO client VPNs implementation for vendors and client location connectivity
  • Protecting data, software and hardware by coordinating, planning, and implementing network security measures
  • Perform other job-related duties as assigned
  • Fulltime
Read More
Arrow Right

Security Engineer II

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Redmond
Salary
Salary:
102100.00 - 202200.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Lead Threat Detection & Incident Response: Proactively identify and respond to sophisticated threats by analyzing diverse security signals, driving rapid containment, and reducing risk to critical systems and data
  • Own End-to-End Investigations: Perform deep-dive investigations into complex security events, determine scope and root cause, and drive incidents to resolution with clear documentation and action
  • Drive Cross-Functional Security Outcomes: Partner with threat intelligence, detection engineering, product teams, and researchers to translate insights into actionable improvements in detection, response, and remediation
  • Advance Detection & Response Capabilities: Identify gaps in existing detections and workflows, and contribute to building, tuning, and scaling automation and detection logic to improve coverage and efficiency
  • Enable Operational Excellence at Scale: Leverage data, analytics, and security telemetry to prioritize work, improve investigation quality, and enhance consistency across a globally distributed operations model
  • Continuously Evolve Against Emerging Threats: Stay ahead of the threat landscape by applying new techniques, tools, and intelligence to strengthen investigative depth and response effectiveness
  • Foster a Learning & Knowledge-Sharing Culture: Contribute to team growth through mentorship, documentation, and sharing best practices to elevate overall team capability and performance
What we offer
What we offer
  • Certain roles may be eligible for benefits and other compensation
  • Fulltime
Read More
Arrow Right

Iam Operations Engineer Ii

As an IAM Operations Engineer, you’ll support the day-to-day identity and access...
Location
Location
Brazil , Sao Paulo
Salary
Salary:
Not provided
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related field
  • 6+ years of experience in Identity and Access Management (IAM) operations or IT security administration
  • Hands-on experience with Okta, Active Directory, and Azure AD administration
  • Proficiency in Python, PowerShell, or Java scripting for process automation
  • Experience with Terraform or similar Infrastructure-as-Code (IaC) principles for IAM deployment
  • Working knowledge of authentication and authorization protocols including SAML, OAuth, OIDC, and LDAP
Job Responsibility
Job Responsibility
  • Administer and maintain enterprise IAM platforms including Okta, Active Directory, Azure AD, and SailPoint IIQ to ensure global availability and security
  • Build and maintain automation scripts and bot flows using Python or PowerShell to streamline the user lifecycle, from seamless onboarding to secure de-provisioning
  • Integrate IAM workflows with AI-powered chatbots and RPA frameworks to enable self-service access, reducing manual intervention and improving response times
  • Leverage AI/ML-based insights to detect identity anomalies, enforce the principle of least privilege, and strengthen our Zero Trust architecture
  • Monitor system health and operational metrics using dashboards in Tableau or Jira to proactively identify and resolve bottlenecks before they impact the business
  • Collaborate cross-functionally with Security, IT, and Compliance teams to implement automated incident response playbooks that remediate IAM issues at scale
  • Fulltime
Read More
Arrow Right

FedRAMP Security Engineer II

Location
Location
United States , Raleigh
Salary
Salary:
Not provided
bhsg.com Logo
Beacon Hill
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-4 years of experience in cybersecurity/vulnerability management
  • FedRAMP experience (ideally) or minimum exposure
  • NIST 800-53 or other similar framework experience
  • Experience tracking vulnerabilities, tracking large volumes of findings and staying organized/accurate in data
  • Understanding of continuous monitoring, system visibility and audit readiness
  • Experience improving workflows through automation or scripting (Power Automate, PowerShell, Python)
  • Bachelor’s degree
Job Responsibility
Job Responsibility
  • Execute monthly FedRAMP Continuous Monitoring activities, ensuring timely and accurate completion of deliverables
  • Maintain and update Plans of Action and Milestones (POA&Ms), including tracking remediation progress and validating closure
  • Review and analyze vulnerability scan results (e.g., Nessus) and assist with prioritization and escalation
  • Maintain an accurate, up-to-date view of vulnerability status across the environment
  • Track vulnerabilities through the full lifecycle: identification, validation, remediation, and closure
  • Monitor and report on aging vulnerabilities and SLA adherence
  • Ensure consistency between scan results, ticketing systems (e.g., ServiceNow), and POA&M records
  • Maintain continuous operational visibility into the security posture of FedRAMP systems, including vulnerabilities, assets, and control status
  • Validate that security-relevant data (scan results, logs, asset inventory, and tracking systems) is complete, accurate, and aligned across sources
  • Identify gaps in visibility (e.g., missing assets, incomplete scan coverage, inconsistent data) and escalate appropriately
  • Fulltime
Read More
Arrow Right

Cloud Security Engineer Ii (Aws, Secops)

We are looking for a hands-on Cloud Security Engineer II (AWS, SecOps) to be the...
Location
Location
Salary
Salary:
Not provided
tripadvisor.com Logo
Tripadvisor
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience securing a production environment in AWS
  • comfortable with its core security services (e.g., GuardDuty, Security Hub, WAF, CloudTrail)
  • good understanding of core AWS services beyond just security tools (e.g., VPC networking, EC2, RDS, S3, Lambda, EKS)
  • proficiency with Terraform for managing and securing cloud infrastructure
  • proven experience with the full lifecycle of security incidents
  • proficiency in at least one scripting language (e.g., Python, Go, Bash)
  • solid understanding of common web application vulnerabilities (OWASP Top 10)
  • demonstrated ability to use AI tools to improve efficiency, quality, and decision-making in day-to-day work
  • proven ability to operate effectively with a global-first mindset
Job Responsibility
Job Responsibility
  • Monitor, analyze, and investigate security alerts originating from our AWS infrastructure, application logs, and security tooling (WAF, SIEM, Cloud-Native tools)
  • respond to security incidents that directly impact the Tripadvisor Experiences application
  • triage vulnerabilities reported through our bug bounty program and other external sources
  • build and maintain security monitoring and alerting capabilities within our production environment
  • automate security operations tasks using scripting languages like Python or Go
  • configure, tune, and help manage security tools like our Web Application Firewall (WAF), AWS GuardDuty, and Security Hub
  • operationalize findings from application security tools (SAST, DAST, SCA) by working with engineering teams
  • conduct threat modeling for new features
  • collaborate with engineering teams and provide guidance on secure coding practices and architecture
What we offer
What we offer
  • Competitive compensation packages
  • base salary and annual bonuses
  • Work your way
  • flexible schedule
  • donation matching
  • tuition assistance
  • lifestyle benefit
  • travel perks
  • employee assistance program
  • health benefits
  • Fulltime
Read More
Arrow Right