Digital Product Manager – Security

Security Engineer, Full Time, Remote, Senior, Team 10,001+, Since 1931, H1B Sponsor

Location

United States

Posted

43 days ago

Salary

$120K - $193.7K / year

Seniority

Senior

Bachelor Degree, 5 yrs exp, English, SDLC

Job Description

Allstate

  • Define Product Strategy & Vision: Establish and communicate the vision, roadmap, and success metrics for security products aligned to enterprise risk posture and compliance requirements.
  • Set Clear Outcomes: Define what success looks like for each product, including measurable KPIs.
  • Plan for Scalability & Future Needs: Anticipate evolving security threats and compliance requirements. Design products that scale and adapt to future enterprise needs.
  • Incorporate AI for Efficiency: Identify opportunities to integrate AI into daily workflows to automate repetitive tasks, improve decision-making, and maximize efficiency.
  • Manage Product Development: Collaborate with engineering and security teams to design and deliver secure-by-default capabilities integrated into developer workflows (IDE, CI/CD pipelines). Maintain backlog, write and groom user stories, and drive iterative releases using Agile methodologies.
  • Enable Data-Driven Decisions: Define and monitor KPIs for success. Use analytics and risk reporting to validate assumptions and optimize adoption.
  • Stakeholder Communication: Lead product ceremonies and communicate progress, risks, and trade-offs to engineering leadership, security teams, and partners.

Job Requirements

  • Minimum of 5 years' experience conducting product scoping, discovery, framing, owning and managing a backlog (in agility or similar tools) of products for a digital product team.
  • Minimum of 1 year’s experience operating as a ‘coach’ partnering & mentoring early in trade product management peers across a broader technology organization.
  • Strong understanding of security principles, secure SDLC, and DevSecOps practices.
  • Demonstrated ability to define success metrics (KPIs/OKRs), make data-driven decisions and plan strategically for long term product impact.
  • Proven experience in Agile product delivery (backlog management, ceremonies, iterative releases)
  • Understanding of CI/CD pipelines, policy-as-code, and automation in security workflows.

Benefits

  • health insurance
  • retirement plans

More Security Engineer Jobs

Senior Security Research Engineer-Microsoft Defender Experts Team

Microsoft

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to any characteristic protected by applicable local laws, regulations, and ordinances.

Full Time, Remote, Team 10,001+, H1B Sponsor

Overview

Microsoft Defender Experts Team is looking for an experienced professional to join our detection and response team. No matter how sophisticated attacker behaviors become, Microsoft 365 Defender will help enterprises detect, investigate, and respond to advanced attacks and data breaches on their networks. Our team uses deep knowledge of the attacker landscape and rich telemetry from our sensors to perform root-cause analysis and generate custom alerts, ensuring that Microsoft 365 Defender customers are well equipped to quickly respond to human adversaries identified in their unique environments. Ensuring that no human adversary can operate silently begins with experts harnessing the powerful optics provided by Microsoft 365 Defender, across the attacker kill-chain, coupled with world-class detections. We are looking for someone who is passionate about this work to help us harness the power of Microsoft’s trillions of security signals to quickly identify and report the latest human adversary behaviors, drive critical context-rich alerts, build new tools and automations in support of hunting objectives, and drive innovations for detecting advanced attacker tradecraft.

Responsibilities

  • Work directly with senior leaders of our customers’ security organizations as design partners on new cloud detection and response innovations, as well as to ensure excellent customer satisfaction with our products and services.
  • Partner with your team of Microsoft Threat Experts providing deep research and analysis of threats impacting our customers.
  • Work cross-functionally with engineering, marketing, and business leaders to innovate and deliver new security service offerings at a global scale.
  • Investigate, analyze, and learn from security researchers, attackers, and real incidents to develop durable detection solutions/strategies across customer tools.
  • Work with other internal and external teams to forge new and improve existing partnerships that help mature the products that support Defender Experts service offerings.
  • Provide technical leadership in a challenging and rewarding environment and influence the organization.

Qualifications

Required Qualifications:

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience.
  • Over 7 years of hands‑on experience in technical cybersecurity roles—including Security Operations, Threat Intelligence, Incident Response, and Penetration Testing/Red Team—demonstrating deep expertise in industry best practices, emerging threats, and SOC operations, along with advanced proficiency in deploying and configuring the Microsoft Defender XDR suite to strengthen enterprise security posture.
  • Advanced English level
  • Advanced Portuguese level.
Additional or preferred qualifications:

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience.
  • Ideally 300-level proficiency in Microsoft Defender Endpoint and Microsoft Defender Office, and 200-level in Microsoft Defender Cloud Apps, Microsoft Defender Identity, and Microsoft Defender Cloud.
  • Customer-Centric Mindset: Comfortable engaging with diverse stakeholders, possessing exceptional communication and interpersonal skills to navigate complex organizational landscapes.
  • Experience evaluating and translating customer needs, requirements, and challenges, and communicating solutions (positioning, technology, value, priority) and improvements to technical and non-technical stakeholders.
  • Experience leading a security function for a customer (i.e.: SOC manager, solution lead, Security engineer)
  • Knowledge of operating system internals and attack techniques in Windows, Linux, Mac, Android & iOS platforms
  • Experience with data analysis and cyber threat investigations in Sentinel
  • Knowledge of kill-chain model, ATT&CK framework, and modern penetration testing techniques
  • Knowledge of major cloud and productivity platforms as well as identity systems and related security concerns
  • Experienced with curation of Threat Intelligence and delivering customer briefings
  • Strong ability to use data to 'tell a story'
  • Experience with reverse engineering, digital forensics (DFIR) or incident response, or machine learning models
  • Experience with system administration in a large enterprise environment including Windows and Linux servers and workstations, network administration, cloud administration
  • Experience with offensive security including tools such as Metasploit, exploit development, Open Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks
  • Additional advanced technical degrees or cyber security certifications such as CISSP, OSCP, CEH, or GIAC certifications

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Costa Rica

Cybersecurity Intern

Dayforce

Dayforce is a global HCM platform offering a comprehensive array of services encompassing payroll, HR, benefits, workforce management, talent, and analytics. With the mission of "m

Role Description

As a Cybersecurity Intern, you will collaborate closely with the Cybersecurity Operations team to support shared services and enhance operational efficiency across the organization. In this role, you’ll gain hands-on experience in daily cybersecurity operations while contributing to initiatives focused on automation and process improvement. You will be exposed to real-world enterprise environments, assisting in managing operational workflows and identifying opportunities to streamline processes using automation and AI-driven solutions.

What you’ll get to do:

  • Support daily IAM and Messaging operations, including monitoring the cybersecurity mailbox
  • Help triage and categorize cybersecurity-related inquiries and incidents
  • Identify repetitive operational tasks and propose opportunities for automation
  • Assist in building simple automation workflows using tools such as:
      • Microsoft Power Platform (Power Automate)
      • Python scripting (basic)
      • SOAR platforms (e.g., XSOAR – exposure level)
  • Explore use of AI tools (e.g., internal AI platforms, ChatGPT, etc.) to support operational tasks
  • Contribute ideas on how AI can improve cybersecurity workflows and decision-making

Qualifications

  • Currently enrolled in an undergraduate or postgraduate program in Cybersecurity, Information Security, Computer Science, Information Systems, or a related technical discipline
  • Curiosity, a passion for data, and cybersecurity
  • Basic understanding of Identity and Access Management (IAM) concepts
  • IT systems, networks, or cloud fundamentals
  • Familiarity with MS Office tools (Excel, Teams, Outlook)
  • Basic scripting (Python or similar) is a plus
  • Strong analytical thinking and attention to detail
  • Good communication skills and willingness to collaborate in a global team environment

Requirements

  • Full-time availability of 37.5 – 40 hours weekly is required to be eligible for this opportunity.

Benefits

  • Experience working for one of the fastest growing Human Capital Management technology companies in the world
  • Access to Dayforce’s development programs and resources
  • Ability to work with as well as create relationships with members across the globe
  • Autonomy to bring forth new ideas and optimize existing structures within the organization
  • Meaningful responsibilities, enabling you to obtain ‘real-world’ experience
  • Dynamic hands-on exposure to multiple business-units and stakeholders across Dayforce

Philippines

Full Time, Remote, Team 1,001-5,000

MTSI is currently seeking to hire a Software Security Engineer to join MTSI supporting our infrastructure Information Technology team. This role is 100% remote, requires an active Secret Clearance with the ability to obtain a Top Secret and US citizenship.

As a Software Security Engineer, you will help embed security into the Software Development Lifecycle (SDLC) for the AIME Development Platform and the software built on it. Working with software engineers, architects, DevSecOps, cloud, and cybersecurity stakeholders, you will define security requirements, perform design reviews and threat modeling, guide secure coding and testing practices, and help teams deliver AI/ML, Modeling & Simulation (M&S), and other mission software more securely. Your focus will be software security within the SDLC, including support for compliance with NIST SP 800-171, the Secure Software Development Framework (SSDF, NIST SP 800-218), and related DoD and customer requirements. Rather than owning the full DevSecOps toolchain, you will partner with platform and DevSecOps teams to ensure security controls, evidence, and approval gates are appropriately integrated into the SDLC.

How you will contribute to our National Security and Defense mission:

As a Software Security Engineer, you will help embed security into the Software Development Lifecycle (SDLC) for the MTSI Development Platform and the software and solutions developed on it. You will work across software, DevSecOps, cloud, and cybersecurity teams to make security a built-in part of planning, design, development, testing, and release for AI/ML, Modeling & Simulation (M&S), and other mission software. You will focus on secure-by-design software delivery, applying security requirements early, guiding secure development practices, and helping teams generate the evidence needed to support audits and accreditation activities. This role emphasizes software security leadership within the SDLC, including alignment to NIST SP 800-171, the Secure Software Development Framework (SSDF, NIST SP 800-218), and DoD Enterprise DevSecOps reference designs and software factory patterns.

You'll be a great fit for this role if you:

  • Are passionate about building security into software and delivery workflows from the start, not adding it at the end
  • Can translate security and compliance requirements into practical guidance for developers, architects, and program stakeholders
  • Understand how security fits across the SDLC and can work effectively with DevSecOps and platform teams without needing to own every pipeline component
  • Communicate clearly with software, cloud, cybersecurity, compliance, and leadership stakeholders
  • Can balance mission delivery, developer experience, and risk reduction in a fast-moving environment
  • Are self-driven, collaborative, and committed to continuous improvement of software security practices

Job Responsibilities:

Your essential job functions will include but may not be limited to:

  • Partner with software engineers, architects, DevSecOps engineers, and cybersecurity SMEs to embed security requirements and secure practices throughout the SDLC.
  • Define and refine software security requirements, control objectives, and secure development guardrails aligned to NIST SP 800-171, SSDF, RMF/CMMC, and customer requirements, as applicable.
  • Conduct threat modeling, security design reviews, and risk assessments for applications, services, APIs, and supporting development workflows.
  • Guide engineering teams on secure coding, code review, secrets management, dependency management, open source risk, and remediation of security findings.
  • Partner with platform and DevSecOps teams to integrate and tune security checks within SDLC workflows, such as SAST, SCA, secrets detection, IaC scanning, container scanning, and policy gates where appropriate.
  • Help map technical implementations and security evidence to compliance and accreditation needs, including support for audit, ATO, and cATO-related activities.
  • Review vulnerabilities, security defects, and architectural risks with engineering teams; help prioritize remediation and improve secure defaults over time.
  • Assess development tooling and workflows against DoD Enterprise DevSecOps reference designs and recommend improvements to strengthen trust boundaries, approvals, traceability, and software integrity.
  • Support secure use and governance of AI-assisted development tools and workflows in accordance with approved guardrails and data protection requirements.
  • Create reusable SDLC security guidance and developer training for use across projects.
  • Collaborate with compliance and cybersecurity stakeholders to validate control implementation approaches and improve the overall security posture of the development environment.

Required Qualifications:

Education: Bachelor's degree in Cybersecurity, Computer Science, Computer Engineering, or related field.

Clearance Requirements: Active DoD Secret clearance required, with the ability to obtain and maintain a Top Secret clearance.

Experience:

  • 5 years of professional experience in software security, application security, product security, cybersecurity engineering, or security-focused software engineering roles.
  • Strong understanding of secure SDLC practices and how security activities fit across planning, design, development, testing, release, deployment, and operations.
  • Experience applying security and compliance frameworks such as NIST SP 800-171 and the SSDF (NIST SP 800-218) to software development environments or software delivery processes.
  • Understanding of DoD Enterprise DevSecOps fundamentals and reference designs, and how security controls, testing, evidence, and approvals fit within software factories and CI/CD-enabled SDLC workflows.
  • Experience conducting threat modeling, security design reviews, architecture reviews, or technical risk assessments for software systems.
  • Working knowledge of common software security testing and review methods such as SAST, SCA, DAST, secrets detection, container scanning, or IaC scanning, and the ability to help teams use findings effectively.
  • Experience collaborating with software, platform, cloud, and cybersecurity teams to implement secure defaults, remediate findings, and strengthen development practices.
  • Demonstrated ability to communicate security risks, requirements, and tradeoffs to both technical and non-technical stakeholders.

Preferred Qualifications:

  • Experience with Git-based development workflows and CI/CD platforms such as GitLab, including how security checks, approvals, and evidence can be integrated into delivery workflows.
  • Familiarity with cloud and container security concepts in Azure Government, Kubernetes, Infrastructure as Code, or similar environments used by modern software platforms.
  • Experience with RMF, CMMC, OSCAL, evidence generation, or scripting/automation used to support security validation, reporting, and continuous compliance activities.

United States
IT Security Controls Specialist I

Mercury Insurance

Founded in 1961, Mercury Insurance helps consumers create their ideal insurance policies and specializes in automobile, home, condo, renters, and business insurance. Recognized by

  • Participates in the scoping and planning of annual compliance efforts
  • Assess the existence and operating effectiveness of all in-scope controls
  • Bring any control deficiency gaps to the attention of senior IT security personnel
  • Tests any controls that have been added or remediated
  • Produces testing result documentation
  • Manage the daily/weekly/monthly/quarterly access control processes
  • Participate in the Vendor Risk Assessment process, complete the initial/annual assessments, follow up with the vendor contacts in obtaining SOC reports, obtain clarifications for pending items.

California
$56.7K - $102.2K / year