Microsoft Senior Security Researcher 

United States, Washington 

864616285

Embody our and

• 5+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
  
  • OR Experience with threat hunting/ digital forensics/reverse engineering/incident response etc.
  • OR Master's Degree in Statistics, Mathematics, Computer Science or related field

Other Requirements:

• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

• Investigation/Cybersecurity/Digital Forensics/DFIR (Digital Forensic Incident Response) certifications (e.g. Certified Information Systems Security Professional (CISSP), SysAdmin, Audit, Network and Security (SANS), Global Information Assurance Certification (GIAC) etc.)
• Technical certifications based on domain (e.g., Azure, SharePoint)
  
• Experience with Active Directory and/or cloud identity.
• Experience with sophisticated threat actor evidence including familiarity with typical Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and Tools, Techniques and Procedures (TTPs)
• Use of forensic analysis tools such as X-Ways Forensics®, WinHex®, Encase®, FTK®, etc. Microsoft Azure and/or Office365 platform knowledge and experience
• Experience with various forensic log artifacts found in Security Informationa and Event Management (SIEM) logs, web server logs, Antivirus (AV) logs, protection logs such as Host-based Intrusion Detection Systerm (HIDS) and Network Intrusion Detection System (NIDS) logs
• Familiarity with Microsoft Defender 365 security stack (for Endpoints, Identity, Cloud, etc), especially with Advanced Hunting query writing
• Understanding of Windows and Azure internals and where trace evidence can be found
• Knowledge of third-party cybersecurity solutions, especially Extended Detection and Response (EDR) and Security Information and Event Management (SIEM) solutions
• Experience working with consulting companies is a plus.
• Linux and/or macOS forensic analysis and threat hunting skills
  

Security Research IC4 - The typical base pay range for this role across the U.S. is USD $112,000 - $218,400 per year.

Security Research IC5 - The typical base pay range for this role across the U.S. is USD $133,600 - $256,800 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

• Microsoft will accept applications and processes offers for these roles on an ongoing basis.

This role is part of a collaborative team, assisting our customers with:

• Performing analysis of attacker activity in on-premises and cloud environments
• Identifying potential threats, allowing for proactive defence before an actual incident
• Notifying customers regarding imminent attacker activity
• Providing recommendations to improve customers’ cybersecurity posture going forward and performing threat intelligence knowledge transfer to prepare customers to defend against today’s threat landscape
• Building proof-of-concept and prototype threat hunting tools, automations, and new capabilities
• Driving product and tooling improvements by conveying learnings from threat hunting and incident response at scale to engineering partner teams
• Identifies, prioritizes, and targets complex security issues that cause negative impact to customers. Creates and drives adoption of relevant mitigations and provide proactive guidance
• Works with others to synthesize research findings into recommendations for mitigation of security issues. Shares across teams. Drives change within team based on research findings.