Microsoft Principal Security Research Lead 
Germany 
900505207

17.12.2024

Qualifications - Required:

• Relevant years of computer security industry experience with knowledge of adversary tradecraft, security operations, incident response, threat hunting, and of emerging threats and techniques for attacks against modern enterprise environments.

  • OR Doctorate in Statistics, Mathematics, Computer Science or related field

• Relevant experience designing, prototyping, and driving engineering requirements for threat protection systems.

• Relevant people management experience.

• Relevant experience hunting for and investigating security incidents at scale with one or more of the following: Azure Synapse, Azure Data Lake, SQL, Cosmos, Kusto, or similar systems.


The ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

• Experience coding in languages such as C#, Python and/or PowerShell AND language-independent data formats such as JSON/YAML/XML.

• Experience applying MITRE ATT&CK to assess threat scenarios and protection coverage across both cloud and hybrid (cloud + on prem) attacks.

• Experience with endpoint, identity, cloud application, cloud infrastructure, email, network and/or other threat detection, and prevention technologies.

• Experience with security orchestration, automation, and response (SOAR) technologies that span investigation and response automation across diverse security tool integrations.

• Experience with cross-group and interpersonal skills, with the ability to articulate the business need for product improvements and a desire to engage directly with customers.

• Research and delivery of security product features to general availability.

• Demonstrated experience in conducting data studies, including the ability to work with available telemetry and drive improvements with engineering teams for previously unexplored data sources.

• Experience with one or more of the following: Azure Functions, Azure Static Web Sites, Azure Containers, Azure DevOps pipelines, GitHub Actions, GitHub Codespaces, and Jupyter Notebooks.

Responsibilities

• Guide a team of security researchers to collaboratively build practical solutions towards quantifiable impact against in-progress attacks.

• Work with data from many different security domains across email, identity, endpoint, and cloud to build the most accurate and precise automated protection capabilities.

• Collaborate closely with partner engineering and product management teams to push the boundaries of innovation.

• Demonstrate leadership principles of model, coach, and care for team members.

• Foster diverse perspectives and inclusive behaviors.

• Embody our culture and values.