**Overview**

The Cyber Defense Investigations – Escalations (CDI-ESC) team is Microsoft's deep-dive investigative arm within Cyber Defense Operations (CDO). We lead the most complex, high-severity, and nation-state security incidents across Microsoft's first-party cloud estate, conducting root cause analysis, blast radius assessment, threat actor attribution, and intelligence-driven hunting. Our work directly disrupts adversaries targeting Microsoft and our customers, and feeds platform-level fixes, detections, and intelligence back into the ecosystem.

Join Microsoft's CDI Escalations team and work at the forefront of cyber defense, investigating the most complex nation-state, supply chain, cloud, and identity-based attacks targeting Microsoft. Our team goes beyond traditional incident response, we combine deep investigations, threat hunting, intelligence operationalization, and cross-organizational collaboration to identify adversaries, drive platform-wide security i...