Senior Network Security Automation Engineer

Microsoft

  • Sydney, NSW
  • Permanent
  • Full-time
  • 1 day ago
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day and we need you as a Senior Network Security Automation Engineer.Microsoft’s Cloud Operations & Innovation (CO+I) is the engine that powers our cloud services. As a Senior Cyber Security Engineer, you will perform a key role in delivering the core infrastructure and foundational technologies for Microsoft's online services including Bing, Office 365, Xbox, OneDrive, and the Microsoft Azure platform. You will drive our technology strategy, lead by example, and support team members on their learning journey. You will implement and operate modern cloud and on premises cybersecurity controls to defend Microsoft datacenter critical infrastructure from threat actors. Leveraging multiple solutions and partnering with internal and external teams, you will be at the forefront of advancing industrial network cybersecurity capabilities.Through on the job learning and bi-directional mentorship, this opportunity will allow you to gain cyber defense, automation, and networking skills and experiences that are rare in both networking and security organizations, and in high demand across multiple industries. This is a flexible work opportunity for you to work from home partially or fully if desired.As a group, CO+I is focused on personal and professional development for all employees and offers trainings and growth opportunities including Career Rotation Programs, Diversity & Inclusion trainings and events, and professional certifications.Our infrastructure is comprised of a large global portfolio of more than 100 datacenters and 1 million servers. Our foundation is built upon and managed by a team of subject matter experts working to support services for more than 1 billion customers and 20 million businesses in over 90 countries worldwide.With environmental sustainability and optimization at the forefront of our datacenter design and operations, we continue to grow and evolve as we meet the ever-changing business demands that hold Microsoft as a world-class cloud provider.Do you want to empower billions across the world? Come and join us in CO+I and be at the forefront of the action!Responsibilities:Responsibilities:
  • Manage and optimize network security infrastructure including NGFWs (e.g., Palo Alto Networks, Checkpoint), IDS/IPS, and segmentation.
  • Develop and maintain secure Azure cloud environments using Infrastructure-as-Code (IaC) tools such as Terraform or ARM templates.
  • Build and maintain CI/CD pipelines in Azure DevOps with integrated security controls.
  • Document automation workflows, APIs, scripts, and system designs.
  • Proactively identify and investigate potential issues and patterns in security controls and drive mitigation strategies, while also implementing automation to improve efficiency and effectiveness across the network.
  • Install, upgrade, and maintain security hardware, operating system and software.
  • Identify gaps in security policy and administration, recommend solutions, and implement new and revised security standards, while working with partner teams to drive consistency and awareness.
  • Maintain standards and drive improvements for our customer and partner experience, responding appropriately to emerging issues and advocating for our customer experience through development and analyzation of key metrics, performance indicators, and other data sources (e.g. bugs, unhealthy data pipeline). Respond to escalations and recommend improvements as appropriate to address gaps.
  • Participate in on-call rotation to support security services.
  • With minimal guidance, analyze attempted or successful efforts to compromise systems security and, alongside partner teams, create recommendations to limit exposure, implement response plans, and take action.
  • Analyze potential or actual intrusions identified from monitoring activities and create detections based on available data (e.g., Indicators of Compromise [IOC] and Tools Tactics Procedures [TTP]).
OtherEmbody our and .Qualifications:Required Qualifications:
  • 4+ years of experience in Network Security Engineering (multi-vendor next-gen firewall experience, IDS/IPS, network engineering (routing/BGP) and network/infrastructure automation (Python, Ansible etc).
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
  • Strong background in Firewalls or Intrusion detection or prevention systems.
  • High proficiency in Python
  • Hands-on experience with Ansible for network automation and configuration management.
  • Ability to design, develop, and integrate RESTful APIs
  • Networking & Security Fundamentals: Solid understanding of routing, IPSec, firewall policies
  • Proficiency with Git and collaborative development workflows
Background Check Requirements:Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
While not required, we also look for the following Preferred Qualifications:
  • Cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), cloud security, and operations incident response.
  • CISSP, CISA, CISM, SANS, GCIA, GCIH, OSCP, PCCSE, PCNSE, PCSAE, CCNP Security, CCIE Security and/or Security+ certification.
  • Any experience with industrial control systems is preferred (not mandatory).
  • Experience with Nautobot for network source-of-truth alignment, and Django would be considered highly beneficial
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the .

Microsoft