Expoint - all jobs in one place


Microsoft Principal Security Researcher 
Taiwan, Taoyuan City 
859161669

Yesterday

Required/Minimum Qualifications

  • years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
    • OR Doctorate in Statistics, Mathematics, Computer Science or related field.
  • Proven experience working with or leading red team or purple team operations & offensive Security Research & tool development
  • Proficient understanding of MITRE ATT&CK, threat modeling, and attacker tradecraft.
  • Proficiency in scripting and automation (e.g., Python, PowerShell, KQL).

Other Requirements

  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:
    • Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Additional or Preferred Qualifications

  • years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
    • OR Doctorate in Statistics, Mathematics, Computer Science or related

Microsoft will accept applications for the role until May 21, 2025.

Responsibilities
  • Conduct in-depth research on emerging threats, TTPs (Tactics, Techniques, and Procedures), and adversary behaviors.
  • Research and document the data center threat landscape. Investigate large-scale telemetry data from Azure, postmortem attacks (including from red team operations), lead data-driven experiments, understand attacker tactics and techniques, and develop strategies to prevent similar attacks in the future.
  • Translate threat intelligence into actionable detection and mitigation strategies.
  • Code, implement, and guide others to create production-level attack detections. This is likely to involve building big data cloud pipelines on cloud technologies such as Synapse Analytics or Azure Data Factory. Note that experience with these specific technologies is not a requirement.
  • Use attack simulation frameworks to develop end-to-end campaigns to evaluate defensive capabilities. Perform threat hunting to discover real-world advanced attacks, and design and implement automated protection solutions.
  • Collaborate closely with security researchers, engineers, data scientists, and product managers to design and implement effective security solutions.
  • Participate in planning how we should measure the most pressing threats to the Azure environment, and guide others in the creation and improvement of these metrics.
  • Work with other teams to understand how we could leverage their product data to solve our most important Azure protection problems.
  • Embody our Culture and Values