Microsoft Senior Security Researcher 

United States, Washington 

843074203

Required/Minimum Qualifications

• 5+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science or related field.
• 3+ years experience as a red team operator with hands-on engineering expertise in developing custom tooling for adversary simulations and executing red team campaigns
• 2+ years experience proficiency as a reverse engineer and vulnerability researcher With or without: exploit development experience, including analyzing artifacts collected during campaigns, researching scoped targets, debugging binaries, and identifying exploitable flaws.

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Additional or Preferred Qualifications

• 6+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
  • OR Doctorate in Statistics, Mathematics, Computer Science or related field

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until January 29, 2025.

• Analyzes complex issues using multiple data sources to develop insights and identify security problems and threats. Creates new solutions to mitigate security issues. Makes tradeoffs to balance security and operational needs. Identifies and recommends process improvements and adopts best practices. Leverages the work of others to improve existing processes. Helps to drive resolution to systemic security issues through cross-team collaboration. Anticipates previously unknown potential artifacts that could be present in data as indicators of attacker activity.

• Collaborate with the MS Red Team and Applied Research Scientists to leverage AI-driven techniques, including LLMs and agentic systems, to identify and operationalize new adversarial techniques, address capability gaps in red team engagements, expand the internal TTP catalog, and support autonomous red team campaigns.
• Prototype, validate, and refine exploitation methods, using LLMs and agentic systems to discover vulnerabilities, develop exploits, and enhance workflows that automate and strengthen red team operations.
• Design and execute realistic attack simulations to test and improve methodologies, advancing offensive data analysis and supporting autonomous red team strategies.
• Champion innovative principles and forward-looking concepts guided by research trends in academia, OSS and industry.
• Cultivate global collaborations with security researchers to exchange knowledge, stay updated on emerging threats, and build partnerships with offensive security researchers to advance and integrate cutting-edge offensive security research shared within the community.
• Share knowledge with the community through presentations, publications, and active participation in social media, contributing to the broader information security ecosystem.

Other

• Embody our and