
Microsoft Security Researcher - Microsoft Defender 
Taiwan, Taoyuan City 
808921333

17.07.2025

Required Qualifications

  • years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field
  • Availability and willingness to cover a periodic on-call rotation for the team.
  • 3+ years programming experience with Python, preferably including agentic AI workflows, machine learning model development, or similar projects.

Additional or Preferred Qualifications

  • years experience in software development lifecycle, large-scale computing, modeling, cyber-security, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science or related field
  • Experience querying and analyzing large datasets, including experience building hunting or detection playbooks, monitoring dashboards, and/or automated alerting and investigation workflows (e.g. SQL, Python/Jupyter, KQL/Azure Data Explorer, etc.).
  • Proficiency in using various security tools, including security information and event management (SIEM), endpoint detection and response (EDR), email security gateways, identity access management, network protection, and sandbox environments.
  • Insatiable curiosity to learn about attacker patterns and behaviors, with a drive to build innovative detections and protections.
  • Understand the cyber kill chain, especially attack scenarios originating from collaboration platforms, email, or web sites along with related security protocols and analysis tools.
  • Solid understanding of attacker tradecraft
  • Experience responding to customer escalations and reporting investigative findings.
  • Experience working through ambiguity to drive innovations in detections, monitoring, and internal team processes.
  • Ability to use data to “tell a story” and influence decision-making.


Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until July 17th, 2025.


Responsibilities

• Respond to escalations to resolve detection effectiveness issues (misclassified malicious campaigns and false positives)

• Prototype automated detection solutions

• Conduct deep analysis and research on attacker campaigns and techniques to support durable detection investments and improve customer experience.

• Apply new data sources and technologies to improve customer protection and effectiveness measurement

• Conduct ad hoc studies and analysis to support day-to-day operations and guide protection strategy

• Author rules and create new hunting playbooks to detect and thwart evolving campaigns and investigate new attack patterns in the Teams product

• Engage and collaborate with diverse partner teams to drive a great customer experience and ensure holistic protection across the Microsoft Security stack.