Microsoft Threat Researcher Detection Engineering 

India, Karnataka, Bengaluru 

733169419

Qualifications:

• Bachelor's degree in Computer Science or a related technical discipline. Experience:
• Over 10 years in the computer security industry with a focus on technical roles, including Threat Hunting, Detection Research, Malware Analysis, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
• 1+ years of hands-on coding and scripting experience, showcasing proficiency in Regex, Python, SQL, KQL, and PySpark.
• Data Analysis and Detection Research: Proficient in working with large datasets for analysis and visualization, utilizing tools and scripting languages such as Excel, SQL, Python, Splunk Query Language, Kusto Query Language, Jupyter Notebooks, and PowerBI.
• Experience in analyzing security product Telemetry and different related logs Threat Analysis: Functional understanding of common threat analysis models, including the Cyber Kill Chain and MITRE ATT&CK.
• Ability to track, analyze, and brief on new and ongoing cyber-attacks, demonstrating knowledge of identity and popular authentication/authorization protocols. Technical Skills: Experience using analysis tools (e.g., file/network/OS monitoring tools and/or debuggers) and in-depth knowledge of operating system internals and security mechanisms.
• Proficiency in endpoint protection technologies, particularly EPP/EDR, with expertise in tools like Microsoft Defender for Endpoint.
• Familiarity with reverse engineering, digital forensics (DFIR) or incident response, and exposure to machine learning models.
• Offensive Security Knowledge: Experience with offensive security practices, including tools such as Metasploit, exploit development, Open Source Intelligence Gathering (OSINT), and designing strategies to breach enterprise networks.
• Exposure to advanced persistent threats and human adversary compromises. Defensive Mindset: Strong understanding of the attacker mindset and the ability to apply defensive tactics to protect against it. Broad, general familiarity with the threat landscape affecting enterprise customers.
• Communication Skills: Excellent verbal and written communication skills in English. Certifications: Cybersecurity-based certifications such as CISSP, OSCP, CEH, or GIAC certifications.

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

• Cutting-Edge Detection Development: Pioneering the creation of high-impact detection mechanisms through advanced analytics, encompassing the exploration and correlation of extensive datasets.
• Precision engineering of detection rules to deliver timely and accurate alerts, fortifying our clientele against emerging cyber threats. Detection Coverage Optimization: Spearheading initiatives to eradicate detection coverage gaps by architecting innovative detection rules that transcend conventional boundaries.
• Elevating the Signal-to-Noise Ratio (SnR) and relevance of existing detections through meticulous lifecycle management, ensuring a discerning and focused threat landscape. Trailblazing Threat Research: Undertaking the relentless pursuit of cutting-edge attack techniques, meticulously monitoring and cataloging changes in the tradecraft of threat actor groups.
• Synthesizing acquired insights into actionable intelligence, fortifying our defenses against the ever-evolving threat landscape. Synergetic Collaboration for Precision Rules: Orchestrating synergies with interdisciplinary partners in data science, platform engineering, and threat intelligence.
• Contributing to the formulation and perpetual refinement of high-fidelity detection rules, aligning our defenses with the pinnacle of industry standards.
• Closely collaborate with the incident response team to improve the reliability and quality of alerts. -Your technical skills, collaboration and teamwork will help to ensure that our detection system works well to better Secure customers.
• Proactive Threat Hunting Innovation: Innovating and engineering bespoke hunting tools and automations to proactively unearth and neutralize threats posed by human adversaries.
• Seamlessly integrating advanced hunting tools into our detection and response framework for enhanced proactive threat mitigation.