The security of our nation and preservation of our nation’s interest are critical to the safety and prosperity of the United States. Microsoft Corporation is proud to have the opportunity to serve as a trusted company of high-risk systems and is seeking a qualified candidate to join our National Security organization as a Senior Counterintelligence (CI) Threat Specialist in Redmond, WA.

The selected candidate is responsible for conducting and managing CI investigations, developing countermeasures derived from foreign threats to national security, knowledge of supply chain risk management (SCRM), apply and develop countermeasures on insider threat and CI risk indicators, and understanding of the National Industrial Security Program Operating Manual (NISPOM) and its reporting requirements.

This position requires strong analytic and written communications skills, such as those that would be required to enable non-technical business managers to make informed, proactive, risk-based decisions related to incident prevention, detection, containment, and remediation.

The candidate should have working knowledge and experience with networking, cryptography, identity and access control, open-source software, scripting, and cloud programming and infrastructure.

This individual should also act decisively and exhibit strong decision-making skills and other interpersonal skills, enabling them to work well with those around them and successfully partner with professionals inside and outside of the security program.

Security Clearance Requirements: The successful candidate must be a US citizen and have an active US Government Security Clearance based on a Tier 5 investigation, formerly Single Scope Background Investigation (SSBI) and pass a polygraph. Candidate must be able to travel to customer sites as required. The selected candidate must be able to start within 30 days of offer acceptance.

Responsibilities

Core Responsibilities:

Identify security program gaps and process improvement.  Examine, prioritize, analyze, and mitigate threats.

Generate reporting with a synthesized view of enterprise-wide, counterintelligence and insider threat risks and impact.

Collaborate with business partners to detect, assess, mitigate and anticipate collection activities directed at the company.

Conduct complex CI inquiries, produce reports, and collaborate with other functions to mitigate risk to the company.

Assist in the analysis, coordination, and integration of intelligence information to assess developments, trends, and threat implications.

Promote alignment and coordinates priorities with other key organizational functions across the company.

Develop CI training and informational materials for Microsoft employees.

Respond to workforce tips and manages day-to-day operations, including inquiries and incident support.

Responsible for analyzing, documenting, and responding to suspicious events.

Develop methods and analytics for detecting advanced threats.

Qualifications

Basic Qualifications:

Eligible or active TS Security Clearance, with SCI eligibility and polygraph preferred (most recent Tier 5 investigation within the last 4 years).

BA/BS in relevant intelligence, security, or information technology discipline.

8+ years of counterintelligence and insider threat risk or relevant experience.

Strong experience creating and/or implementing CI program protection plans, program protection plans, threat assessments, incident response plans, and/or supply chain risk management programs.

Practical experience of defensive counterintelligence.

Preferred Qualifications:

Deep experience with and/or knowledge of Intelligence Community Directives and the National Industrial Security Program.

Understanding of foreign deception and intelligence tactics, techniques, and procedures.

Strong knowledge of physical, cyber, information and personnel security concepts.

Strong analytical skills with the ability to recognize relationships across multiple events.

Strong verbal and written communication skills for both technical and non-technical audiences.

Strong program and personnel management.

Familiar with Microsoft Defender for Endpoint, Microsoft Sentinel and other Windows OS internals and Azure security mechanisms.

Knowledge of Microsoft IaaS, PaaS, and SaaS offerings.

Understanding of the National Industrial Security Program.

Familiarity working with extremely large data sets, using tools and scripting languages such as: Excel, SQL, Kusto, Python, Splunk, and PowerBI

Experience with advanced persistent threats and human adversary compromises.

Counterintelligence trained and certified.

Project Management Professional certified.

If hired for this position, the team you would be joining is part of our Cloud organization and/or works with government contracts and as such has a unique background check requirement, detailed below. Please note you will be provided with steps for completing the check if you accept a role on the team.

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screening(s):   

Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.  

The successful candidates must have an active U.S. Government Top Secret Security Clearance. Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. Failure to maintain or obtain the appropriate clearance and/or customer screening requirements may result in employment action up to and including termination.

Clearance Verification: This position requires successful verification of the stated security clearance to meet federal government customer requirements. You will be asked to provide clearance verification information prior to an offer of employment.

#CELA

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.