Microsoft Senior Security Researcher - Microsoft Defender Endpoint 

Taiwan, Taoyuan City 

864997824

Come and be part of a dynamic group, focusing on emerging threats against organizational -enterprise environments.

.As cyber-attacks have become more sophisticatedand evasive,MDE helps enterprises detect, investigate, andautomatically disruptadvanced attacks and data breaches on their networks.

and protect againsteven the most well-funded

detecting and disruptingsophisticated enterprise attacks

The job includesresearching novel attack techniques, hunting throughour rich sensor data,necessary optics for detecting maliciousand crafting detectionand protectionlogic to ensure compromise does not go undetected.

Required qualifications:

• BS+ in Computer Science\Computer Engineeringor equivalent engineering degree

• + years of software development/research experience

• In-depth knowledge and experience with the securitythreatlandscape,background in the modern attacker kill-chain and MITRE ATT&CK, preferably in endpoint/network -based threat scenarios.

• Full stack research capabilities - from technique PoC to detection engineering and implementation within all required organizationalprocess

• A drive to tackle hard problems withlevelof ambiguity.

• xtensive, practicalOS internalsknowledgeof Windows

• Low level development experience - preferably at windows environment atUser&Kernelmodes, at C\C++.

• For network role -Good knowledge of network protocols and services and network security practices.

• Excellent cross-group and interpersonal skills

• ode fluency ineitherC#,C, PythonorR

Preferred qualifications:

• Offensive security research experience

• Digital forensics, Incident responseandthreat huntingskills

• Reverse Engineering skills: familiar with debuggers, disassemblers, protocols, file formats

• Industry recognized author of security research papers, blogs, or books

• Low-level/security knowledge of other operating systems

• Familiarity with cloudenvironments, and hybridcloudenterprise services

• This position will berequiredto pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Primary responsibilities would include:

• Conduct in-depth research for detection mechanisms todetect novel andfront lineoffensive tradecraft – from exploits to implantsand End-to-end implementation from offensive PoC to wide-scale deployable detection PoC,necessarydevelopment on agent and cloud platforms.

• up to datewith latest trends in cyber-attacks and create robust, sophisticated detection logics across the entire kill-chain.

• analyse, and expandMDEsecurity, byexploringreal incidents,developingdurableprotectionstrategies, and circumventing threatsacross the entire kill-

• protectionideas, andvalidatetheir effectiveness using a data-driven

• drive ML based protections,understand,andidentifydetection gaps, capabilities,assumptions,and

• toidentifyopportunities,gaps,andconcernsto improve product protection value