Microsoft Principal Threat Researcher 

Taiwan, Taoyuan City 

850894867

• 10+ years of experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms.
• Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments.
• Demonstrated expertise in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities.
• Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions.
• Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments.
• Proven ability to work independently and deliver complete solutions.
• Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams.

We are seeking a Principal Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments.

• The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections.
• In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems.

Responsibilities include:

• Lead and execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments.
• Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities.
• Collaborate with internal and external security teams to design and implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response.
• Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base.
• Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems.
• Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud