Embedded Escalation Engineer - Microsoft Defender for XDR
Microsoft
With more than 45,000 employees and partners worldwide, the Customer Experience and Success (CE&S) organization is on a mission to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft’s products and services, ignited by our people and culture. We drive cross-company alignment and execution, ensuring that we consistently exceed customers’ expectations in every interaction, whether in-product, digital, or human-centered. CE&S is responsible for all up services across the company, including consulting, customer success, and support across Microsoft’s portfolio of solutions and products. Join CE&S and help us accelerate AI transformation for our customers and the world.
Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft’s AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment.
In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Senior Technical Support Engineer, you will own, troubleshoot, and solve complex customer technical issues. This opportunity will allow you to accelerate your career growth, hone your problem-solving, collaboration and research skills, and deepen your technical proficiency.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Responsibilities
- Implements strategic business decisions with customers, partners, and teams to increase market share. Influences peers to implement strategy.
- Contributes to and/or develops automation techniques and diagnostic tools to improve cross-group effectiveness.
- Provides feedback to more senior engineers or serviceability team on functionality of products based on engagements with customers. Provides feedback to the product group for product improvement. Leverages overall product knowledge to determine if and when features require enhancements.
- Participates in case triage meetings and/or case discussions to share knowledge with other engineers and contribute to more rapid customer solutions. Utilizes learnings from triage meetings to identify and communicate readiness needs to manager or readiness team.
- Engages with engineering team to investigate product bugs, provides business impact, and collaborates with appropriate stakeholders and senior team members on fixes.
- Translates feedback and creates processes and workflows for case resolution.
- Acts as an advisor to the customer and handles complex, repeatable, or escalated cases that may become politically charged. Creates technical articles or knowledge base (e.g., edits or creates news/ knowledge-base articles) that is internal or customer facing for better customer understand. Provides best practices and education to ensure customer understands the problem in order to proactively resolve potential issues in the future.
- Performs complex product troubleshooting and remediation when needed. Works alongside the development teams to drive incident resolution for configuration, code, or other service deficiencies impacting customers. Analyzes patterns of problems and identifies workflows to optimize support engineering delivery for a team or region level.
- Reviews complex issues (e.g., multiple components of a product) and contacts customers to understand issue. Ensures customers stay informed as to the status/solution of their issue. Utilizes troubleshooting tools (e.g., event logs, performance traces) to help resolve customer issues.
- Collaborates on cross-team and cross-product technical issues by working with resources from other groups including support engineering groups, product groups, services team, and account team as needed to resolve complex customer issues.
Microsoft Defender for XDR:
- Lead engineering investigations to bring quicker issue resolution to Support incidents impacting our customers.
- Improve experience and drive key service improvements.
- Build solutions, tools, or troubleshooting guides, and help automate issue detection and diagnosis to enable customers to get self-help and minimize support case volume.
- You will help identify emerging trends or re-occurring escalation scenarios and drive engineering opportunities to mitigate and/or eliminate them from the workflow.
This can include a range of potential work item categories, such as self-healing mechanisms, self-serve, transparency, automation, and/or increasing the capabilities of our XDR support team, including the various Defender products under the XDR umbrella. You will contribute to the Product improvements by filing impactful bugs, design change requests and help developers to fix the bugs, ship the fixes to production to prevent future customers from getting impacted.
As a trusted advisor to the engineering team, you will suggest changes to future versions to better equip our support teams as well as our Partners and Customers and help influence in-market solutions today. As a customer ambassador, you will also partner with the engineering leadership for strategic technical, architectural and design discussions, and represent the customer voice in planning efforts. These strategic areas of focus will target our highest impact pain points for our Partners, Customers, and support team members.
Beyond extensive technical focus, this role requires the ability to communicate issues and recommendations clearly and concisely and build broad relationships with stakeholders to impact key business results for our business. The successful candidate will understand the competitive landscape and use this understanding to influence key decision makers in both Support and the Engineering Groups.
This position requires extensive cross-group coordination and excellent oral and written communication skills. Attention to detail, and a highly organized, process-focused aptitude are required to manage the variety of responsibilities and deliverables. You must be able to work well under pressure and deadlines, while also exhibiting flexibility and adaptability across a broad organizational matrix.
Qualifications
Required Qualifications:
- Bachelor's Degree in Computer Science, Information Technology (IT), or related field AND 3+ years of technical support, technical consulting experience, or information technology experience
o OR 5+ years of technical support, technical consulting experience, or information technology experience
o OR equivalent experience. - Proficient in technical and architectural knowledge of Windows OS internals, security, and networking
- Prior experience in Microsoft Defender for Endpoint (MDE) capabilities, including Automated Investigation and Remediation (AIR), Attack Disruption, RBAC/URBAC, Advanced Hunting, and alert investigation and response workflows.
- Exposure to Incident response processes and the modern malware threat landscape
- Experience working with Kusto Query Language (KQL)
- Prior coding or scripting experience (managed or unmanaged languages)
- English Language: fluent in reading, writing and speaking.
Other:
The ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
Preferred Qualifications:
- Microsoft Certifications
- Familiarity with Microsoft Defender XDR products beyond MDE, including MDI, MDO, MDC, and MDA, and their signal correlation model
- Understanding of security and management APIs, including authentication and authorization concepts
- Experience with Management technologies (SCCM, Intune)
- Knowledge of Azure Active Directory / Entra ID fundamentals, including identity, permissions, and role-based access model.
- PowerShell and/or Python for automation, investigation, and data enrichment
- Debugging Windows OS components, including kernel and user-mode analysis and memory dump analysis
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
#CES #CSS #SCIM
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.