Principal Security Researcher

Company: Microsoft
Location: Redmond
Posted on: January 20, 2023

Job Description:

The Microsoft Defender Experts Team is looking for security researchers! No matter how sophisticated attacker behaviors become, Microsoft 365 Defender will help enterprises detect, investigate, and respond to advanced attacks and data breaches on their networks.---Our team uses deep knowledge of the attacker landscape and rich telemetry from our sensors to perform root-cause analysis and generate custom alerts, ensuring that Microsoft 365 Defender customers are well equipped to quickly respond to threats identified in their unique environments. -Ensuring that no human adversary can operate silently begins with experts harnessing the powerful optics provided by Microsoft 365 Defender, across the attacker kill-chain, coupled with world-class detections.---We are looking for a researcher to help us harness the power of Microsoft's trillions of security signals to quickly identify and report the latest human adversary behaviors, drive critical context-rich alerts, build new tools and automations in support of helping customers identify threats, and drive innovations for detecting advanced attacker tradecraft. -ResponsibilitiesHelp researchers and security analysts scale by making them more effective and efficient. -Use statistical analysis techniques with deep understanding of the threat landscape to improve security operations. -Develop metrics to track service health. -Use experiments, data analysis, and effective communication to influence service operations strategy. - -Collaborate with threat researchers to understand new attack techniques; explore and correlate large data sets to uncover novel attack techniques, monitor and catalog changes in activity group tradecraft, and investigate alerts for enterprise customers. -Collaborate with our data science and threat research teams to develop and maintain accurate and durable endpoint and cloud-based detections. -QualificationsBasic requirements include: -5+ years of experience in a technical role in the areas of Security Operations, Security Research, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team. -Experience using statistical analysis techniques to evaluate security operations. -Experience analyzing attacker techniques that leverage email and cloud-service tactics. -Skilled working with extremely large data sets, using tools and scripting languages such as: Excel, SQL, Python, Splunk, and PowerBI. -The following additional experiences are favorable, but not required: -Knowledge of---operating system internals, OS security mitigations & understanding of Security challenges in Windows, Linux, Mac, Android & iOS---platforms -Knowledge of kill-chain model, ATT&CK framework, and modern penetration testing techniques -Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements -Knowledge of major cloud and productivity platforms as well as identity systems and related security concerns -Experience with curation of Threat Intelligence -Experience with direct customer communication in a service delivery role -Ability to use data to 'tell a story' -Experience with reverse engineering, digital forensics (DFIR) or incident response, or machine learning models -Experience with system administration in a large enterprise environment including Windows and Linux servers and workstations, network administration, cloud administration -Experience with offensive security including tools such as Metasploit, exploit development, Open Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks - -Additional advanced technical degrees or cyber security certifications such as CISSP, OSCP, CEH, or GIAC certifications -Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:--- -Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.#MSecR #MSFTSecurity #DEXJobs -Security Research IC5 - The typical base pay range for this role across the U.S. is USD $133,600 - $256,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $173,200 - $282,200 per year.Microsoft has different base pay ranges for different work locations within the United States, which allows us to pay employees competitively and consistently in different geographic markets (see below). The range above reflects the potential base pay across the U.S. for this role (except as noted below); the applicable base pay range will depend on what ultimately is determined to be the candidate's primary work location. Individual base pay depends on various factors, in addition to primary work location, such as complexity and responsibility of role, job duties/requirements, and relevant experience and skills. Base pay ranges are reviewed and typically updated each year. Offers are made within the base pay range applicable at the time. At Microsoft certain roles are eligible for additional rewards, including merit increases, annual bonus and stock. These awards are allocated based on individual performance. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role. Benefits/perks listed here may vary depending on the nature of employment with Microsoft and the country work location. U.S.-based employees have access to healthcare benefits, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, wellbeing benefits, paid vacation time, paid sick and mental health time, and several paid holidays, among others.Our commitment to pay equity We are committed to the principle of pay equity - paying employees equitably for substantially similar work. To learn more about pay equity and our other commitments to increase representation and strengthen our culture of inclusion, check out our annual Diversity & Inclusion Report. ( https://www.microsoft.com/en-us/diversity/inside-microsoft/annual-report )Understanding roles at Microsoft--- The top of this page displays the role for which the base pay ranges apply - Security Research IC5.The way we define roles includes two things: discipline (the type of work) and career stage (scope and complexity). The career stage has two parts - the first identifies whether the role is a manager (M), an individual contributor (IC), an admin-technician-retail (ATR) job, or an intern. The second part identifies the relative seniority of the role - a higher number (or later letter alphabetically in the case of ATR) indicates greater scope and complexity.Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. - We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request -via the Accommodation request form.Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.Benefits and PerksIndustry leading healthcareSavings and investmentsGiving programsEducational resourcesMaternity and paternity leaveOpportunities to network and connectDiscounts on products and servicesGenerous time awayJob SummaryJob number: 1504354Date posted : 2022-12-17Travel: 0-25%Profession: Security EngineeringRole type: Individual ContributorEmployment type: Full-TimeExperience: Experienced professionals

Keywords: Microsoft, Redmond , Principal Security Researcher, Other , Redmond, Washington