The ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
- Conduct in-depth research to develop detection mechanisms for novel and advanced offensive techniques — from exploits to implants.
- Lead end-to-end implementation efforts: from offensive proof-of-concept (PoC) to scalable, deployable detection logic across agent and cloud platforms.
- Focus on low-level Windows Internals-based detections, with the opportunity to expand into additional high-impact attacker surfaces.
- Proactively hunt across diverse signal sources — including on-premises, hybrid, and cloud environments — to uncover stealthy threats and emerging attack techniques.
- Stay current with the latest cyberattack trends and design robust, sophisticated detection logic across the full attacker kill-chain.
- Build and implement innovative automated disruption capabilities that autonomously detect and mitigate attacks in real time.
- Investigate real-world incidents to improve protection strategies and enhance the Microsoft Defender for Endpoint (MDE) product.
- Collaborate with engineering and product teams to design security sensors, validate protection ideas, and measure effectiveness using data-driven approaches.
- Engage with customers to identify product gaps, share insights, and enhance protection coverage based on real-world needs.
- Contribute to the broader security community by authoring technical blogs, sharing research findings, and presenting at leading security conferences.