Expoint - all jobs in one place


Microsoft Principal Security Researcher 
United States 
843223999

09.07.2024

Required Qualifications

  • 7+ years of experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
    • OR Doctorate in Statistics, Mathematics, Computer Science or related field.
  • 7+ years designing and building knowledge graph structures, implementing graph algorithms, and writing graph queries (e.g., Neo4j Cypher, KQL Graph Semantics, Gremlin, GraphFrames DSL) to explore attack paths and adversary behavior, as well as for development and security research.
  • 7+ years of computer security industry experience with knowledge of adversary tradecraft and of emerging threats and techniques for attacks against cloud (e.g., Azure, AWS, GCP) and on-prem network environments.
  • 7+ years analyzing and dissecting adversary tradecraft from both offensive and defensive perspectives, including identifying techniques, tactics, and procedures (TTPs) and developing countermeasures and mitigations.
  • 7+ years coding with languages such as C#, Python and PowerShell and working with Azure Functions, Azure Static Web Sites, Azure Containers, Docker containers, Azure DevOps pipelines, GitHub Actions, GitHub Codespaces, Visual Studio Code, and Jupyter Notebooks.


Other Requirements

Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:

  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications

  • Understanding of ontologies and their role in defining the schema for knowledge graphs.
  • Experience in research areas such as generative AI/agentic frameworks, large language models, risk quantification, anomaly detection, clustering, statistics, time series analysis or reinforcement learning.
  • Effective written and verbal communication skills, ability to simplify and explain complex ideas.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until August 23, 2024.


Responsibilities
  • Develop and build a comprehensive knowledge graph to support the development of our security platform and agentic workflows.
  • Support the generation of incident data either synthetically, using our own ontology, or by designing and running end-to-end attack simulations, contributing to our overall autonomy efforts and the development of security language models.
  • Partner with applied researchers to enable the development of autonomous agents to defend and protect Microsoft.
  • Conduct data studies to gain a deep understanding of data produced by our technology and third-party services used by our customers, enhancing our ability to analyze and respond to security incidents.
  • Cultivate global collaborations with security researchers to exchange knowledge, stay updated on emerging threats, and build partnerships with offensive security researchers to enhance our defensive capabilities and embrace cutting-edge offensive security research.
  • Share knowledge with the community through engaging presentations, blog posts, papers, and active participation on social media channels, contributing to the broader information security ecosystem.
  • Develop open-source tools for the community, enabling access to our research and best practices, fostering knowledge sharing, and empowering others to conduct their own experiments and learn from our threat research methodology.

Other

  • Embody our and