Microsoft Security Researcher - Microsoft Defender Endpoint 

Taiwan, Taoyuan City 

554906568

• You have B.Sc./M.Sc. degree in Computer Science or related technical discipline.
• You have at least 4+ years of hands-on experience in cybersecurity, with a strong understanding of the modern attacker kill-chain and MITRE ATT&CK, preferably in endpoint-based threat scenarios.
• You have Windows internals knowledge.
• You have a good knowledge in at least one programming language such as C# (preferred), Python, or C++.
• You have a good knowledge in at least one query language such as KQL, SQL, Cypher.
• You have an excellent cross-group, leadership and interpersonal skills.
• A growth-oriented and inclusive mindset, valuing diverse perspectives and continuous learning.
• Preferred: Experience in authoring of security research papers, blogs, or books. - Experience with Windows forensics and an understanding of key forensic artifacts, especially around lateral movement scenarios. - Experience with Cloud forensics, including identity attack artifacts and lateral movement techniques.

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

• Conduct in-depth investigation and research of data across multiple endpoints and additional sources, to identify threats and sophisticated attack incidents.
• Keep up-to-date with latest trends in cyber attacks and create robust, sophisticated detection logics across the entire kill-chain.
• Collaborate with product management, security and engineering teams across the company to design innovative solutions and new disruption capabilities, and validate their effectiveness using a data-driven approach.
• Collaborate with data science teams to understand, identify and implement detection gaps, capabilities, assumptions, and improvements
• Demonstrate thought leadership, be able to engage and enlighten others through compelling meaningful content and informative sessions.