Senior Security Researcher
Vancouver, BC, Canada
Our research team’s core mission is protecting Microsoft 365 users across devices, identities, applications, and data via cross-category, tightly integrated threat protection for sec ops and sec-admins. If you believe that cyber-attacks can happen without ever dropping an executable on disk and that a forward rule and a token can do more damage than PowerShell, this role may be for you!
Protecting M365 users is a big challenge, but with the signals we have built today in Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Identity and Microsoft Cloud App Security, we are the best equipped company in the world to realize this opportunity and fundamentally change the security world, both for our customers and for attackers.
While each of the individual Microsoft Defender security products provides best-in-class protection across endpoints and cloud, combining all of these optics and protection capabilities brings the complete attacker behavior into focus like never before, allowing innovative new detection and response approaches across the entire attack graph and providing SOCs unparalleled scale, reduced time-to-investigate, and reduced time-to-remediate across their digital estate. To help design our single federated protection solution spanning all M365 security products, we are seeking a senior security researcher to join our Microsoft 365 Defender security research team.
- Perform attacker tradecraft research and threat landscape investigation across endpoint and cloud-based attacks spanning devices, identities, applications, and data.
- Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
- Hunt for threats to discover real-world advanced attacks, and design and implement automated detection and hunting analytics that combine alerts and signals across Microsoft Defender security products.
- Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
- Provide subject matter expertise to customers based on industry attack trends and product capabilities.
- 5+ years of experience in cyber security with a background in the modern attacker kill-chain, MITRE ATT&CK, and emerging enterprise threats including attacks against Azure/AWS and cloud services (O365, Exchange, Azure AD).
- BS or equivalent experience in computer science, engineering, or information technology.
- Understanding and deep knowledge of a few commonly used attack tools and frameworks used by red teams.
- Reverse engineering experience: familiar with debuggers, disassemblers, protocols, file formats.
- Proficient in at least one programming language such as Python, C#, or C++.
- Excellent cross-group and interpersonal skills, with the ability to articulate the business need for product improvements and a desire to engage directly with customers.
- Experience working with and manipulating large data sets (i.e. billions of events per day).
- Offensive security research experience for cloud-based attacks.
- Industry recognized author of security research papers, blogs, presentations, or books.
- SOC or blue team experience involving the hunting and discovery of adversaries in enterprise environments.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Benefits and Perks
- Industry leading healthcare
- Savings and investments
- Giving programs
- Educational resources
- Maternity and paternity leave
- Opportunities to network and connect
- Discounts on products and services
- Generous time away