Microsoft Principal Security Researcher - Microsoft Red Team 

Taiwan, Taoyuan City 

367042325

Our teams focuses on the diversity of all types of candidates, and we strive to hire people with different experiences and perspectives into our teams. To that end, we know that no candidate has every desired skill and experience, but together we make a strong, effective teams.

• You have a B.Sc. or M.Sc. in Statistics, Mathematics, Computer Science or related field **OR** relevant practical experience (e.g. hands-on work in industry or service in a technology unit in the military).
• You have 10+ years of software security industry experience with knowledge of adversary tradecraft, security operations, and of emerging threats and techniques for attacks against modern cloud environments.
• You have 6+ years of hands-on experience in security research, including 4+ years in vulnerability security research.
• You have hands-on experience with AI/ML systems, including understanding of model architectures, adversarial ML, data poisoning, prompt injection, or security of LLM-based applications.
• Familiarity with emerging AI security risks, evaluation frameworks, or red teaming AI applications.
• A drive to tackle hard problems with level of ambiguity.
• You have knowledge of the security threat landscape, with experience in the modern attacker kill chain and MITRE ATT&CK - especially in AI-related threat scenarios.
  

Preferred Qualifications

• Proficiency in multiple programming and scripting languages.
• Proven track record of discovering and responsibly disclosing security vulnerabilities.
• Experience in Red Teaming or offensive cyber operations.
• 8+ years of hands-on experience in vulnerability security research.

• As a founding member, you will help shape the team’s culture and practices.

• Key responsibilities include:

  • Research and discover zero-day vulnerabilities in AI applications, models, and AI service ecosystems.

  • Work closely with Red Team operators and engineering teams to address findings and strengthen the resilience of AI-driven systems.

  • Analyze a wide array of data sources to identify potential security weaknesses and breach points within Microsoft’s AI infrastructure.

  • Develop tools and techniques to scale and accelerate adversary emulation and vulnerability discovery.

  • Advocate for security change across the company by building partnerships and clearly communicating the impact of risks.