About the role

Senior Security Researcher at Microsoft

Required Skills

Python, PowerShell, Go, cloud security, red-team, MITRE ATT&CK, LLM, adversary simulation

About the Role

This Senior Security Researcher role focuses on designing and automating full-scope attack chains across cloud and endpoints. Responsibilities include codifying techniques into playbooks, generating telemetry for detection research, and collaborating with scientists to develop defensive insights. The role requires hands-on red-team experience and expertise in identity, cloud, and endpoint security.

Key Responsibilities

  • Discover and prototype new adversary techniques across identity, Windows endpoints, and cloud services
  • Codify techniques into reusable code modules and end-to-end attack playbooks
  • Build and maintain safe execution pipelines for running playbooks at scale
  • Partner with applied scientists and detection engineers to analyze logs and translate findings into detection logic
  • Expand, document, and version the technique library while enforcing guardrails

Required Skills & Qualifications

Must Have:

  • Master's Degree in Statistics, Mathematics, Computer Science or related field OR 5+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
  • 3+ years of hands-on red-team, adversary-simulation, or purple-team work across hybrid environments
  • Demonstrated ability to design and codify full attack chains into automation or tooling (Python, PowerShell, Go, etc.)
  • Solid knowledge of Active Directory / Entra ID abuse, cloud-control-plane attacks, and endpoint tradecraft

Nice to Have:

  • Doctorate in Statistics, Mathematics, Computer Science or related field OR 6+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
  • Proven record of shipping open-source security tooling or presenting original research at conferences
  • Experience building or extending graph-based attack-path discovery tools or similar relationship-analysis frameworks
  • Experience applying large-language models or multi-agent frameworks to security automation, adversary simulation, or detection engineering

Benefits & Perks

  • Industry-leading healthcare