Threat Context Analyst

The Microsoft Threat Analysis Center (MTAC) is looking for a Threat Context Analyst with proficiency in investigating and analyzing cyber-enabled influence operations from Russia and an ability to convey insights in both written reports and oral presentations. The analyst will leverage their language skills and geopolitical knowledge to develop assessments about how cyber and influence operations factor into national security and information security. They will contribute to MTAC’s mission to detect, assess, and disrupt digital threats to Microsoft, its customers, and democracies worldwide. MTAC is part of the Customer Security & Trust (CST) and Microsoft Global Affairs (MGA) organizations within Microsoft’s Corporate, External, and Legal Affairs (CELA) group.
 
In this role, the analyst will leverage regional, cultural, and geopolitical knowledge to develop reports on malicious nation-state cyber and influence operations from Russia. The position will require excellent written composition ability, professional oral briefing skills and rigorous attention to detail. The analyst will work collaboratively with Microsoft’s cybersecurity and data analytics teams, integrating open-source information with Microsoft proprietary data for internal and external audiences to mitigate threats.

Qualifications
Required/minimum qualifications

• Master’s Degree in Mathematics, Analytics, Engineering, Computer Science, Marketing, Business, Economics or related field AND 1+ year(s) experience in data analysis and reporting, business intelligence, or business and financial analysis
  • OR Bachelor’s Degree in Statistics, Finance, Mathematics, Analytics, Engineering, Computer Science, Marketing, Business, Economics or related field AND 2+ years experience in data analysis and reporting, business intelligence, or business and financial analysis
    • OR equivalent experience.
• Professional analytic experience working on cyber and influence threats arising from Russia.
• Experience conducting social media research and analysis.
• Proficient in using Microsoft Office Suite (e.g., Word, Excel, PowerPoint, Outlook) and other Microsoft tools such as Teams and SharePoint

Preferred qualifications

• Professional fluency in written and conversational Russian
• Additional language skills are a plus, particularly Eastern European languages.
• Experience tracking cyber and/or influence actors, infrastructure, and operational techniques.
• Experiance producing actionable threat intelligence or strategic analysis through written reports and products.
• Quantitative analytic experience is a plus.
• Experience in common database query languages (e.g. SQL, KQL) and demonstrable use of generative AI platforms and applications. 
• Excellent cross-group collaboration with experience building relationships.
• Experience collaborating with other analysts, technical collectors, and threat intelligence partners in government or industry is a plus.
• Ability to read and write code in at least one language such as: PowerShell, Bash, Python, Ruby, Java etc. is a plus.
   

Other Requirements: 

• Citizenship & Citizenship Verification: This role will require access to information that is controlled for export under export control regulations, potentially under the U.S. International Traffic in Arms Regulations or Export Administration Regulations, the EU Dual Use Regulation, and/or other export control regulations.  As a condition of employment, the successful candidate will be required to provide either proof of their country of citizenship or proof of their U.S. permanent residency or other protected status (e.g., under 8 U.S.C. 1324b(a)(3)) for assessment of eligibility to access the export-controlled information. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport. Lawful permanent residents, refugees, and asylees may verify status using other documents, where applicable.
• This position requires verification of citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport.

Business Analytics IC3 – The typical base pay range for this role across the U.S. is USD $85,100 – $169,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $112,000 – $185,300 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until September 18, 2025.

 
 

 
#CELA

Responsibilities

• Research and assess cyber and malign influence threats from Russia at the tactical and strategic levels by drawing on information from social media accounts and websites, foreign policy priorities, and perspectives from open-source reporting.
• Work closely with Microsoft Threat Intelligence colleagues in their investigations of Russian cyber operations and draw from their cybersecurity findings to inform analysis.
• Expand partnerships internally and externally to build resilience in the information environment and increase speed of threat detection.
• Develop innovative methods for detecting, diagnosing, and deterring the most advanced and prolific threats in the digital information environment.
• Write threat intelligence reports for executive audiences.