Principal Applied Threat Intelligence Analyst

United States, Redmond · Employment contract · 142800.00 - 304200.00 USD / Year · Job Posted June 01, 2026

Job Description

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end-to-end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate.

Microsoft Security Research is at the front line of defending Microsoft customers and the broader ecosystem against the world's most sophisticated threat actors. Our Applied Threat Production Intelligence team transforms raw signal from Microsoft's scale of telemetry into actionable, customer-facing intelligence that empowers defenders, informs product decisions, and shapes the public narrative on the threat landscape. We partner deeply across Microsoft Threat Intelligence, product engineering, research, marketing, and communications to ship intel that moves markets and protects organizations everywhere.

Job Responsibility

  • Author and publish high-impact threat intelligence reports (actor profiles, campaign analyses, trend reports, TTP deep-dives, vulnerability profiles) for both customer-facing and internal audiences
  • Translate complex technical findings into clear, prescriptive guidance for security operations teams, executives, and the broader defender community
  • Partner with product, research, marketing, and communications teams to land intelligence through Microsoft's customer-facing surfaces (Agentic Security, Defender XDR, Sentinel, blogs, briefings)
  • Build and refine the pipelines, tooling, and workflows that allow Microsoft to stream insightful cyber threat intelligence to customers at machine speed
  • Represent Microsoft Threat Intelligence in customer briefings, industry conferences, and cross-industry working groups
  • Mentor analysts and contribute to tradecraft, analytic standards, and team-wide knowledge sharing

Requirements

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter

Nice to have

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 12+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • 10+ years of experience in cyber threat intelligence, threat hunting, incident response, or a closely related security discipline
  • Demonstrated experience producing finished threat intelligence reporting for technical and/or executive audiences
  • Attribution experience creating threat groups, assessing connections between established threat groups, and communicating attribution assessments to internal stakeholders and customers in a timely manner
  • Working experience with Microsoft Sentinel and Microsoft Defender XDR (or directly comparable SIEM/XDR platforms)
  • Understanding of adversary tradecraft, the cyber kill chain, and frameworks such as MITRE ATT&CK, the Diamond Model, and structured analytic techniques
  • Written and verbal communication skills, with a portfolio of public or customer-facing intelligence writing
  • Experience with endpoint, cloud, network, and identity-based attacks and datasets
  • Comprehensive OS security/internals knowledge
  • Understanding of network protocols and analytical experience with network infrastructure data & telemetry
  • Reverse-engineering with static and behavioral binary analysis experience
  • Functional understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK
  • Programming or scripting background (Python, PowerShell, C#, C++, etc.)
