Microsoft Senior Security Researcher - Microsoft Defender 

Taiwan, Taoyuan City 

685739104

• 8+ years of hands-on experience in cybersecurity research , preferably in endpoint or network-based threat scenarios.
• Deep understanding of Windows OS internals including User & Kernel mode architecture.
• Proven experience in low-level development , preferably in C or C++ on Windows platforms.
• Familiarity with cloud environments (e.g., Azure, AWS) and understanding of security challenges in hybrid or multi-cloud infrastructures .
• Strong grasp of modern attacker techniques, including MITRE ATT&CK and full kill-chain methodologies.
• Demonstrated ability to lead end-to-end research efforts from offensive PoC to scalable detection deployment.
• Experience in threat hunting across diverse signal sources (on-prem, hybrid, and cloud).
• Coding proficiency in at least one of the following: C, C++, C#, Python, or Rust .
• Curious, analytical mindset with the ability to thrive in ambiguous and evolving threat landscapes.
• Excellent collaboration and communication skills, with experience working in cross-functional, global teams.

• Background in offensive security research or red teaming .
• Experience in reverse engineering (e.g., using debuggers, disassemblers, analyzing file formats).
• Hands-on knowledge of digital forensics , incident response, or threat intelligence.
• Prior contributions to the security community (e.g., blogs, conference talks, or whitepapers ).
• Familiarity with macOS, Linux , or other operating systems at the low level.

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

• Conduct in-depth research to develop detection mechanisms for novel and advanced offensive techniques — from exploits to implants.

• Lead end-to-end implementation efforts: from offensive proof-of-concept (PoC) to scalable, deployable detection logic across agent and cloud platforms.

• Focus on low-level Windows Internals –based detections, with the opportunity to expand into additional high-impact attacker surfaces.

• Proactively hunt across diverse signal sources — including on-premises, hybrid, and cloud environments — to uncover stealthy threats and emerging attack techniques.

• Stay current with the latest cyberattack trends and design robust, sophisticated detection logic across the full attacker kill-chain.

• Build and implement innovative automated disruption capabilities that autonomously detect and mitigate attacks in real time.

• Investigate real-world incidents to improve protection strategies and enhance the Microsoft Defender for Endpoint (MDE) product.

• Collaborate with engineering and product teams to design security sensors, validate protection ideas, and measure effectiveness using data-driven approaches.

• Engage with customers to identify product gaps, share insights, and enhance protection coverage based on real-world needs.

• Contribute to the broader security community by authoring technical blogs , sharing research findings, and presenting at leading security conferences .