Principal Applied Threat Intelligence Analyst

United States, Redmond Employment contract 142800.00 - 274800.00 USD / Year · Job Posted May 31, 2026

Job Description

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end-to-end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate.

Microsoft Security Research is at the front line of defending Microsoft customers and the broader ecosystem against the world's most sophisticated threat actors. Our Applied Threat Intelligence team tracks the threat landscape and the threat actors that target our customers: where they have been, where they are today, and where we predict they will be tomorrow. We partner deeply across Microsoft Threat Intelligence, product engineering, and research to ensure our customers stay ahead of threats.

Job Responsibility

  • Lead with AI to understand the threat landscape and the latest attacker tradecraft
  • Track threat actors, including financially motivated threat actors: their infrastructure, their targets, and their shifting techniques, tactics, and procedures
  • Translate complex technical findings into clear, prescriptive guidance for security operations teams, executives, and the broader defender community
  • Partner with product, research, marketing, and communications teams to ensure high-quality intelligence experiences through Microsoft's customer-facing surfaces and managed services (Agentic Security, Defender XDR, Defender Experts, Sentinel, blogs, briefings)
  • Build and refine the pipelines, tooling, and workflows that allow Microsoft to stream insightful cyber threat intelligence to customers at machine speed
  • Represent Microsoft Threat Intelligence in customer briefings, industry conferences, and cross-industry working groups
  • Mentor analysts and contribute to tradecraft, analytic standards, and team-wide knowledge sharing

Requirements

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role
  • This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • This position requires verification of U.S. citizenship due to citizenship‑based legal restrictions

Nice to have

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 12+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • 10+ years of experience in cyber threat intelligence, threat hunting, incident response, or a closely related security discipline
  • Attribution experience creating threat groups, assessing connections between established threat groups, and communicating attribution assessments to internal stakeholders and customers in a timely manner
  • Demonstrated experience producing finished threat intelligence reporting for technical and/or executive audiences
  • Working experience with Microsoft Sentinel and Microsoft Defender XDR (or directly comparable SIEM/XDR platforms)
  • Understanding of adversary tradecraft, the cyber kill chain, and frameworks such as MITRE ATT&CK, the Diamond Model, and structured analytic techniques
  • Excellent written and verbal communication skills, with a portfolio of public or customer-facing intelligence writing
  • Experience tracking and defending against financially motivated threat actors
  • Experience with endpoint, cloud, network, and identity-based attacks and datasets
  • Experience with AI tools and large language models, building agents and skills for information security applications and pipelines
  • Comprehensive OS security/internals knowledge
  • Understanding of network protocols and analytical experience with network infrastructure data & telemetry
  • Reverse-engineering with static and behavioral binary analysis experience
  • Functional understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK
  • Programming or scripting background (Python, PowerShell, C#, C++, etc.)
